Cyber-Threats Pose Challenges for NATO Summit in Chicago

Security experts expect WiFi freeloaders, man-in-the-middle attacks and targeted attacks against those working at the Chicago site of the upcoming NATO Summit.

Occupy Wall Street is expected to protest alongside the anti-globalization movement. Traffic will induce migraines. Some schools have rescheduled their proms. But an onslaught of cyber-attacks and WiFi freeloading will likely be the nastiest cherry on the NATO Summit pie, security experts say.

This, the first-ever North Atlantic Treaty Organization Summit to be held in the United States, outside of Washington D.C., will take place on May 20 and 21 in Chicago.

Cyber-headaches may include attackers targeting laptops and smartphones or freeloaders piggybacking on WiFi signals, security experts told the Chicago Sun-Times.

Beyond that, the Sun-Times reports that Internet, wireless voice and even electrical outages might occur, and that all Chicagoans should prepare by backing up their data.

€œPolitical activism and any type of social unrest manifest themselves first in cyber-space,€ Tom Kellermann, vice president of cyber-security for Trend Micro, in Cupertino, Calif., told the paper. €œWhether it€™s an anarchy movement, war opponents, terrorist groups, state-actor groups or criminal groups, they become much more active around these types of events.€

Kellermann, a former member of the president€™s Commission on Cybersecurity, spoke at a cloud computing conference in Chicago last week.

Here are security experts' recommendations to stay safe online during the Summit:

  • Avoid using WiFi or sharing your location via Foursquare or other check-in services near the event. Cyber-criminals can use location data for man-in-the-middle attacks against neighborhood access points, Kellermann noted. These attacks involve active eavesdropping, in which the attacker makes independent connections with the victims and relays messages between them, leading victims to believe they're talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.
  • Those in the summit area should update their antivirus software. €œThe cyber-attacks will be against users, folks and entities that support the NATO event,€ Kellermann told the Sun-Times. €œThere will be targeted attacks via email and social media against people working security, catering, hospitality€”potentially any participant in the event.€
  • Smartphone users should password-protect their WiFi hot spots so freeloaders can't jump on their signals, Karl Volkman, chief technology officer at SRV Network, in Chicago, told the Sun-Times.
  • The FBI is warning travelers that staying in a hotel won't keep you safe. The Internet Crime Complaint Center (of which the FBI is a member) on May 8 issued a warning about attackers installing malware through pop-up windows while a traveler is linking to a hotel's Internet connection.

The FBI recommends these safety precautions when staying in hotels for all government, private industry and academic personnel, particularly when traveling abroad:

  • Use extra caution before updating software products on a hotel Internet connection.
  • Check the author or digital certificate of any prompted update to see if it corresponds to the software vendor.
  • Perform software updates on laptops immediately before traveling.
  • Download software updates directly from the software vendor€™s Website if updates are necessary while abroad.