The Russian government, together with the national special services, is continuing strengthening the country's cyber-security prior to the World Cup football tournament being held in the country this summer.
Currently technical specialists from the Russian Federal Security Service (FSB, formerly the KGB) are completing their checks on hotel IT systems where the visiting teams and officials will live. FSB experts and other Russian special services are reported to believe that the mundial infrastructure is a possible target of cyber attacks.
Sergey Korolev, a senior expert at FSB's department ‘K' (tasked with fighting with cyber-crimes) told SC Media UK's St Petersburg correspondent that during its current checks of hotels and other World Cup infrastructure, the FSB is mostly interested in the reliability of WI-Fi equipment, the presence of the original "firmware", vulnerabilities in the code, the complexity of the administrator's password and other similar details.
Sergey Korolev commented: “Often WI-Fi points at hotels have vulnerabilities due to the installation of simple passwords by their management. Examples of such passwords include «admin», or admin1234". The current checks also focus on the assessments of permissive documentation of Internet providers in the regions hosting the World Cup 2018, as well as hotels, where national football teams will be based.”
Representatives of the FSB have said that the results already obtained showed poor security in computer networks at many hotels that had been the subject of these checks. Korolev has also added that while hotels within global chains pay a lot of attention to data protection, the level of IT security at the majority of other hotels remains relatively weak. The same applied to chain hotels, managed under a franchise.
In those hotels where management is carried out directly by the operator with a worldwide reputation, there are high requirements for information security: modern encryption protocols, isolated and encrypted data channels, etc.
During its checks representatives of the FSB also connect hotel Wi-Fi-equipment to their system of operational-search activities, with the aim of analysing traffic using DPI-complexes. These actions were mainly aimed at checking the FSB's ability to use its special capabilties in the event of a cyber-threat to members of national football teams and their officials.
Denis Batrankov, a senior information security cconsultant at Palo Alto Networks Russia told SC Media UK that the main threat is associated with the ability of a hacker to intercept web sessions of guests, and that that may take place in the case of the existing unprotected access to Wi-Fi in many hotels.
"In this case, hackers can read mails, getting access to Internet banking, bank card numbers, etc.", notes Batrankov.
The same view is shared by Sergey Perevozchikov, head of Cyberzachita, a leading Russian cyber-security enterprise, who told SC Media UK that after hijacking a session using a public Wi-Fi network, attackers can log in and get all or almost all of the data on the machine, including social networks access, bank accounts etc.
Sergey Perevozchikov comments: “That will be full-fledged surveillance. Criminals can not only watch users' actions, but also manipulate them: for example, redirecting users to a phishing page that is visually indistinguishable from the original, or bringing a notification of the need to install an important update of legal software, causing downloading of further virus' under its guise. "
A spokesperson for Asteros, another of Russia's leading enterprise, specialising on the design and installation of cyber-security systems, said hackers also pose a threat to "hotel systems, containing commercial, administrative and economic information that attackers can use for their purposes. According to analysts at Asteros, each hotel is a complex of engineering and information systems, and disruption of any of them can cause a domino effect and affect the working capacity of the entire building.
The FSB did not say which hotels are being screened. According to the organising committee of the 2018 World Cup, 32 teams that have qualified to participate in the finals of the championship chose to stay for the period of the competition, not only hotels, but also at the training bases of Russian football clubs, spas and resorts (all of these facilities are also checked for information security).
For example, the French team will live at the Hilton Garden Inn Moscow New Riga. The German national team will be based in the recreation centre near Moscow "Vatutinki"; while the national Team of England will be at the hotel forRestMix Club Sport & Relax in St. Petersburg.
An international sporting event of this level may well become a target of cyber-attacks says Iosif Linder, president of the International Counter-Terrorist Association. "Especially when anti-Russian feelings are at such a high level," - Linder added.
Retired Major-General of the Russian Ministry of Internal Affairs Vladimir Vorozhtsov, (who oversaw the international cooperation of the Russian Ministry of Internal Affairs with law enforcement agencies of other countries, including in the field of cybersecurity) told SC Media UK that there is a high threat of cyber-attacks on (Russian) infrastructure during the World Cup.
"Given high level of aggression towards Russia, such attacks can occur," Vorozhtsov said. Experts say that a successful cyber-attack may have a negative impact on the image of the country.
This view is echoed elsewhere within Russia where our correspondent reports that IT security checks were also conducted at least in part due to recent reports in the British media about a possible cyber-attack on Russia. He notes how a couple of weeks ago The Times reported that the United Kingdom is discussing the option of a cyber-attack against the Russian pro-governmental computer networks and web-sites with fake news and pro-Kremlin "troll factories" because of the "Skripal case".