How to not get hacked at the World Cup

How do you say ‟identity theft” in Portuguese?


Aaron Sankin


Published Jun 11, 2014   Updated May 31, 2021, 3:59 am CDT

When the 2014 World Cup kicks of in Brazil this week, the event is expected to draw hundreds of thousands of diehard soccer fans from around the world. Since those fans are doubtlessly going to be bring their laptops and smartphones, a lot of those devices are very likely going to get hacked.

A report by Moscow-based cybersecurity firm Kaspersky Lab found many of the tech-y amenities being offered in Brazil to be fraught with danger.

Last month, a team of Kaspersky security experts drove around the Brazilian city of São Paulo and evaluated the security of more than 5,000 Wi-Fi networks located at tourist hotspots like malls, parks, and airports. They found that more than a quarter of the networks didn’t use any form of encryption. Data transmitted over these unencrypted network could easily be intercepted by a third party. This data doesn’t just include emails and browsing history, but also privates passwords and PINs.

Dmitry Bestuzhev, Kaspersky’s Head of Global Research and Analysis Team in Latin America, explained in a statement:

Some cybercriminals install fake Access Points, specially configured to steer all traffic through a host which can control it, perhaps even functioning as a ‘man-in-the-middle’ machine that intercepts and reads encrypted traffic. There’s a serious danger of losing all your sensitive data, and with it all of your funds. When traveling far from home, this is a disaster waiting to happen.

Since many of the World Cup spectators are coming from outside of the country, their mobile devices would likely incur massive charges for making calls, browsing the Web, or sending text messages over the country’s cellular network. Instead, many will surely turn to messaging and video chat apps like WhatsApp and Google Hangouts for communication—and those work for free if logged onto a Wi-Fi network.

As a result, there’s likely going to an awful lot of people relying on local Wi-Fi networks, which could be vulnerable to attack if they’re not encrypted. The majority of the unencrypted Wi-Fi networks catalogued by the researchers weren’t password protected, meaning that they’d likely appear inviting to tourists looking for a way to WhatsApp photos of the action on the pitch to friends and family back home.

Safe Wi-Fi isn’t the only thing necessary to successful Internet use during the World Cup. There’s also the issue of keeping the batteries charged.

Bestuzhev noted that there are a lot of readily available USB power stations chargers São Paulo; however, those outlet present some dangers.

USB charging outlet iPhone

Malicious USB ports don’t just charge your device—they also have the ability to access the data contained on those devices. Plugging into the wrong one could not only allow attackers to grab information from your smartphone, but also install malware on your device with the ability to track your location and make off with your passwords.

Visitors looking to keep themselves safe from these threats should always connect to the Internet through a Virtual Private Network (VPN) and avoid using any network that block VPN access. If worst comes to worst and you have to use a Wi-Fi network that prohibits VPNs, do all of your Web surfing through the TOR browser.

It is also recommended to avoid using USB chargers at untrusted locations altogether.

Kaspersky isn’t the only group looking into cybersecurity threats at the World Cup. Symantec put out its own report warning about hackers pretending to be financial institutions sending emails that direct victims to websites supposedly offering free World Cup tickets, but really just infecting their systems with viruses.

Despite all of these threats, the worst virus World Cup attendees have to contend with won’t affect their computers. The one they really have to watch out for is dengue fever.

Photo by Marcello Casal Jr/Wikimedia Commons (CC BY 3.0)

Share this article
*First Published: Jun 11, 2014, 9:22 am CDT