fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

FBI Warns of 2022 Beijing Olympics Cyberattack, Privacy Risks

FBI Warns of 2022 Beijing Olympics Cyberattack, Privacy Risks

The Federal Bureau of Investigation (FBI) warned today that threat actors could potentially target the February 2022 Beijing Winter Olympics and March 2022 Paralympics. However, evidence of such attacks being planned is yet to be uncovered.

“The FBI to date is not aware of any specific cyber threat against the Olympics, but encourages partners to remain vigilant and maintain best practices in their network and digital environments,” the US security service said in a private industry notification (PIN) issued on Tuesday.

Also Read: What Does Resolution Of Data Really Means

As the FBI explained in the TLP:WHITE PIN, attacks coordinated by financially motivated or nation-state threat actors targeting the Beijing 2022 Winter Olympics could involve malware delivery, distributed denial of service (DDoS) attacks, ransomware, social engineering, phishing campaigns, and even insider threats.

If successful, such attacks could disrupt or block live broadcasts of the event, exfiltrate sensitive information after breaching IT systems, or impact private or public digital infrastructure supporting the Olympics.

The attackers’ end goal would likely be to “make money, sow confusion, increase their notoriety, discredit adversaries, and advance ideological goals.”

This warning follows a similar one issued last year regarding potential cyberattack risks surrounding the Tokyo 2020 Summer Olympics, which were the first to be transmitted exclusively via digital platforms and TV broadcasts due to COVID-19 pandemic restrictions.

Data belonging to the Tokyo 2020 Organizing Committee was stolen in late May 2021, before the competition started, after Japanese information technology company Fujitsu disclosed a breach impacted data belonging to government clients, including the Tokyo 2020 Organizing Committee and the Japanese Ministry of Land, Infrastructure, Transport, and Tourism.

In 2020, the Department of Justice also charged six Russian Main Intelligence Directorate (GRU) intelligence operatives (believed to be part of the Russian-sponsored hacking group tracked as Sandworm) for hacking operations targeting the Pyeongchang Winter Olympics.

Also Read: Top 10 Data Protection Cases That You Must Know About

Privacy concerns surrounding this year’s Winter Olympics

As revealed by a Citizen Lab report, My 2022 (the official app for the Beijing 2022 Winter Olympics) was found to be insecure as it doesn’t protect the users’ sensitive data, and a flaw in its encryption system allows middle-men to access documents, audio, and files in cleartext form.

The researchers also found that the app collects large amounts of sensitive information, including real-time location, list of installed apps, audio info, location access, device identifiers, WLAN status, complete passport info, daily health status, COVID-19 vaccination status, demographic data, and the organization the user works for.

The data collection is disclosed in the app’s privacy policy and, according to Chinese officials, it is required for COVID-19 protection controls, translation services, and tourism recommendations and navigation.

To make things even worse, using the My 2022 app isn’t optional since all athletes, members of the press, and the audience are required to install the app and add their personal information to it.

FBI also addresses these privacy risks in today’s PIN, advising athletes to install the My 2022 application on temporary devices.

“The FBI urges all athletes to keep their personal cell phones at home and use a temporary phone while at the Games,” the federal agency added.

“The National Olympic Committees in some Western countries are also advising their athletes to leave personal devices at home or use temporary phones due to cybersecurity concerns at the Games.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us