NBC News Experiment Exposes a Need for Device Protection
View research paper: From Russia With Love
NBC News teamed up with Trend Micro for a honeypot experiment in time for the 2014 Sochi Winter Olympics. The research aimed to measure how fast consumer-grade gadgets, like a MacBook Air®, a Lenovo ThinkPad® running Windows® 7, and a Samsung Galaxy S Android™ smartphone, can be compromised in an open environment.
Three parameters were set for the experiment:
- Device Settings: The honeypot called for gadgets running on different platforms, all set to their respective default settings and free from any basic protection.
- Computing Environment: The devices were configured in an environment effective and suitable for the experiment.
- User Behavior: Trend Micro researchers and NBC mimicked the Internet user activities of typical tourist spectators. These included visiting Sochi Olympics-related sites.
The result? The devices were almost immediately compromised.
The prominence of Sochi Olympics made the event an attractive social engineering lure. That, coupled with careless browsing on social networking sites increased the probability of infection. But although user behavior played a big role in getting the devices hit with malware, the lack of device security could not be undermined. Had the devices been equipped with security solutions or had their built-in security features been turned on, the results could have been different.
So far, Russia has been lenient in regulating domain registration. This has made it easier for cybercriminals to use Russian domains to host malicious content, store stolen data, or use for other purposes. While these problems exist, attendees of big sporting events like the Olympics or the World Cup are always strongly advised to take the necessary precautions to protect their devices and data.Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
Recent Posts
- Unleashing Chaos: Real World Threats Hidden in the DevOps Minefield
- From Vulnerable to Resilient: Cutting Ransomware Risk with Proactive Attack Surface Management
- AI Assistants in the Future: Security Concerns and Risk Management
- Silent Sabotage: Weaponizing AI Models in Exposed Containers
- AI vs AI: DeepFakes and eKYC