Prepare for Soccer Hooliganism 2.0

Matt Keil



World Cup soccer is upon us, and millions of people worldwide will be clamoring for the latest updates on their favorite teams. In the US, the games are being streamed live by ESPN3, an easily accessible website that can deliver updates during common work hours. But there's a catch: ESPN3 streaming is supported only by a set of dedicated service providers.

So what will an ardent soccer fan do when they want to access ESPN3 and do not know, or cannot find, their employer's service provider?

The first reaction will be controlled anger and frustration. Unlike the drunken brawls (hooliganism 1.0) that would result from denying access to favorite soccer teams, the high-tech user will react differently.

I see three options a soccer fan may take (along with potential risks):

  1. Call IT for the information. The biggest risk here is being laughed at by IT for asking. Coming in a close second is the risk of your boss finding out and asking you to get back to work.
  2. Spend time searching the web for other accessible feeds, such as Univision. A minor risk here is a lack of productivity. It is minor because, in many cases, non-productive employees will find something to waste time on anyway. A more significant risk is threat propagation from random clicking to access unknown video sites (drive-by downloads, anyone?). FIFA-themed attacks are already popping up, one trying to take advantage of the Adobe zero-day flaw (CVE-2010-1297), which, by the way, was covered by Palo Alto Networks on Tuesday of this week.
  3. Use remote access (RDP, LogMeIn!, etc.) or tunneling applications (SSH) to access their home machine and watch from there. This avenue is possibly the most threatening because users will not understand the risks: a user who does not know what they are doing can unknowingly open a back door to the corporate network. Too often, organizations ignore or minimize the risks that the use of these applications poses to the network.

Luckily, Palo Alto Networks customers will be more prepared to control or prevent the use of these types of applications. This is not the case for those who use dated security technology, as pointed out in a previous entry.
