Russian President Vladimir Putin has claimed that his country’s security agencies successfully foiled as many as 25 million cyber-attacks during the World Cup.
“During the period of the World Cup, almost 25 million cyber-attacks and other criminal acts on the information structures in Russia, linked in one way or another to the World Cup, were neutralised,” he said while addressing a meeting with security agencies.
Was Russia really attacked so many times?
While it is common knowledge that global events such as the Football World Cup or the Olympics will certainly attract the attention of hackers, the fact that Russia was at the receiving end of such a massive barrage of cyber-attacks during the World Cup would certainly confound experts.
Russian hacker groups such as Pawn Storm are often found to be behind a majority of cyber attacks during elections or international events in hostile countries. The Russian state is also seen as being supportive to home-grown hackers who often use the comfort of international borders to perpetrate motivated cyber-attacks on organisations and political parties in Europe and beyond.
For instance, while speaking at an annual economic forum in the Konstantinovsky Palace near St. Petersburg last year, Putin termed Russia-based hackers as ‘patriotically minded’ and ‘free-spirited.’
“Hackers are free-spirited people, like artists. They read something that is happening in interstate relations, and if they’re patriotically minded, they start making their contribution,” he said. Later on, Russia termed the WannaCry cyber-attack, of which it itself was a victim, as a scourge of humanity.
Sean Sullivan, Security Advisor at F-Secure, also questioned whether Russia really suffered 25 million cyber-attacks or if the country’s security agencies discovered 25 million suspicious data points during the World Cup.
“Clearly there weren’t 25 million “cyber-attacks”. (Which would be physically destructive if properly defined.) And what about DDoS attacks? Unlikely. What then? IP addresses and other related activity? Probably. I have no doubt that threat monitoring would have generated 25 million suspicious data points during the World Cup.
“So, it would be more accurate to say something such as unauthorised network scans and DDoS attempts were monitored and successfully mitigated on an impressive scale, requiring tens of millions of data points to be processed. Well done to Russia’s security teams. But that doesn’t sound as impressive, politically speaking, does it?” he said.
Cyber-attacks more a certainty than a possibility
Even though, if Putin is to be believed, this is one of those rare occurrences when Russia is at the receiving end of millions of cyber-attacks, the possibility of such attacks happening was foreseen by many security experts.
In a survey of 326 information security professionals carried out by Lastline in June, 72 percent of respondents said that high-profile cyber attacks could be launched during the World Cup either using DDoS attacks or by targeting social media channels.
At the same time, 44 percent of security professionals believed hackers could target email correspondence during the event and another 47 percent believed hackers could exploit vulnerabilities in mobile communications.
“Cybercriminals do not exist in a vacuum. They will be aware of the immense media scrutiny the World Cup will be under, and will be hoping to capitalize on this as well as the financial opportunities such a unique event presents,” said Andy Norton, director of threat intelligence at Lastline.
“While we do not know where the threat will come from, or what form it will take, it’s highly likely that cybercriminals are devising plans for a cyberattack. The attack vectors used will vary depending on the threat actor and their individual motivations.
“An event like this, could see many different forms of attack from fake ticket spam to infiltration attempts into governing body infrastructure or even destructive payloads witnessed at the recent winter Olympics,” he added.