Brazilian hackers threaten to disrupt the World Cup with actions ranging from taking websites out of the air and invading website pages, adding cyber-attacks to the list of problems of an event already hit by protests, delays in construction works and an overflow of costs.
In a country with a high rate in online crimes, problems in telecommunications infrastructure and little experience in cyber-attacks, the authorities strive to protect the government and FIFA websites.
Disgusted with the nearly 30 billion BRL (15 billion USD) of public funds spent on preparations for the World Cup, more than a million Brazilians took to the streets in June last year to demand better public services, greater transparency and fighting corruption. Now, hackers say they will join the choir. “We are already making plans”, said an alleged hacker whose nom de guerre is Eduarda Dioratto. “I don’t think they can do much to stop us”.
Via internet Reuters contacted Dioratto and others, who call themselves members of the international network of hackers known as Anonymous. Despite having no way to confirm the true identities of them, Reuters spoke with them to try to understand the threats and the impact they could have on the World Cup.
They said the event offers a global audience and is an opportune moment to attack sites operated by the FIFA, the government, and by other organizers or sponsors. “The attacks will be directed against official websites and companies that sponsor the Cup”, said the hacker known as Che Commodore, talking on Skype.
While concerns are currently concentrating on finalizing the construction works of the stadiums for the tournament, which begins on June 12, experts point out that little attention is being given to the Brazilian telecommunications infrastructure. Problems include overloaded networks, widespread use of pirated software and little investment in online security. To make it worse, Brazil has one of the most sophisticated networks of online criminals in the world, who are already acting in ticket sales and other transactions related to the Cup. “The question is not whether the World Cup will be attacked, but when”, said William Beer, a specialist in online security with consultancy firm Alvarez & Marsal.
Brazil is said to be ready, or as ready as it can be. “It would be irresponsible to say that any country is 100% prepared for a threat”, said General José Carlos dos Santos, head of the Army for online security. “But Brazil is prepared to respond to likely threats”. A Fifa spokesman declined to comment on the security issue.
Quick and easy
Internationally known for attacks against the CIA (the intelligence agency of the United States), Sony and the Vatican, Anonymous acted in Brazil in 2012, when it took the websites of large banks out of the air.
In the attack, thousands of computers accessed the websites of the institutions simultaneously, blocking normal access. The method would be the preferred form of attack also this time. “It’s fast, simple and damaging”, said Che Commodore.
With this problem in mind, the Army created a centre of defence for cyber-attacks, which heads a government task force to act during the period of the World Cup. Apart from an attack like the one of Anonymous, data theft is another threat.
The worst scenario would be a sophisticated enough action to affect the electricity network, communications or air traffic control system. However, in a recent interview, General Santos said authorities do not expect such a serious attack.
Members of Anonymous said in turn that they would not do anything to hamper the population. The same will not be the case for the government and event organisers. Notwithstanding the preparations by the government, hackers said they were not impressed with the adopted defences. “It’s nothing out of this world”, said an activist named Bile Day. “Security remains very low”.
Experts confirm that Brazil could prove ill-prepared. The country, which has no external enemies, is not used to being on alert and thus may not be aware of its vulnerabilities. “Brazil is a big target, is neutral and has a challenging infrastructure”, said Marcos Oliveira, executive of the North-American security company Blue Coat.
When bank websites were taken out of the air, Brazilian companies didn’t give much attention to that problem. In addition, more than half of Brazilians computers have pirated software, which makes them most vulnerable.