What's scarier than ghouls, ghosts, and goblins?
When cybersecurity threats and climate change policies collide on Halloween, of course.
World leaders, including President Biden, Queen Elizabeth II, and Pope Francis, will be attending a 12-day conference for climate change, referred to as COP26, in Glasgow, Scotland.
The conference begins on October 31st, on the final day of National Cybersecurity Awareness Month, and it could give hackers the chance to play a trick on attendees.
However, police are concerned that a cyberattack could leave thousands stranded by halting the underground railroad.
The Sunday Mail reports a "viable threat" against Glasgow's rail system.
Alex Dowall, Detective Superintendent for Cyber Investigations at Police Scotland, says his team is on high alert: "We know criminals will exploit any opportunity for their own gain and COP26 will be no different."
An attack like this could be part of two cyber trends. The first is that railroads around the world have been facing cyberattacks. It's also known that any high-profile political event attracts malware attacks.
Trains, fund drains, and cyber attackers
Major news outlets recently reported on an attack targeting train systems in Iran. The attack, which took place in July, was similar to attacks that took place in India around the same time.
Actors disrupted the trains by posting fake delay notices, but there was no interference with train operations, which continued to run normally.
Another attack took place in July that affected ticket machines for Northern, a rail system in the U.K.
Global events increase malware attacks
At SecureWorld conferences, we often hear about cyber threat trends. One of these threats is a spike in malware when your part of the world grabs headlines.
Security researcher Kenneth Geers followed this trend during the Trump presidency by watching for spikes in malware.
"In the case of North Korea, I dropped it (the malware spike) on a timeline and then there was one huge spike in the middle of the year, and literally, it was the day after Donald Trump was at the UN threatening to destroy North Korea," Geers says.
"And one of the things I found is that the single highest day for malware detection in North Korea was the very day that Donald Trump was in South Korea. Those are not coincidences."
With the UN Climate Conference coming to Glasgow, it is likely that cyberattacks will follow.
"My basic hypothesis in this kind of geopolitical analysis is that we're looking at cyber espionage. When there's a really big event like a North Korean missile launch over Japan, there's at least a dozen intelligence services that are very interested in gathering information very quickly on what's happening," Geers says.
Climategate 2.0?
This also wouldn't be the first time hackers have interfered with climate change researchers.
In 2009, bad actors stole thousands of emails in a major attack now known as Climategate. Hackers illegally accessed servers and published the emails on a Russian server.
New Scientist covered the story in 2012 when no one was charged for the crime. Norfolk Constabulary's Detective Chief Superintendent Julian Gregory told the publication the attack was carefully orchestrated.
"Despite detailed and comprehensive enquiries, supported by experts in this field, the complex nature of this investigation means that we do not have a realistic prospect of identifying the offender or offenders and launching criminal proceedings within the time constraints imposed by law," Gregory said.
Will there be any obstacles for conference goers this year? We will have to wait and see.
[RELATED: Podcast episode, Cyberattack on the WHO]
Since the COVID-19 pandemic, the World Health Organization (WHO) has been in the headlines more than ever, and the data it possesses has made it a significant cyber target.
Listen to the recent SecureWorld podcast for more.
