Security Blunder at the World Cup

June 27, 2014
No Comment

By Shannon Perry

One of the simplest steps to bolstering cybersecurity is employing caution and complexity vis-à-vis passwords. Good passwords cannot be found in the dictionary; good passwords do not consist of only letters or only numbers; good passwords do not get shared with friends and family.

Good passwords also do not get Tweeted.

So it came as a surprise when RISCO Group, an Israeli security company for the FIFA World Cup this Summer in Brazil, posted the Wi-Fi SSID and password for the World Cup security center via Twitter this week. The original Tweet intended to demonstrate some of the current security measures at the World Cup. It has now been Re-Tweeted over 2,500 times (the ID and password can be found on the white board on the right side of the image).


While the Tweet illustrates how easily cybersecurity mistakes can be made, the password itself illustrates our tendency to create the simplest passwords possible, even at the expense of security. Great passwords are both easy-to-remember and hard-to-guess, but often one is sacrificed at the expense of the other. In this case, the password b5a2112014 is simply leetspeak for Brazil 2014, which most people would not describe as especially hard-to-guess.

Fortunately, the mistake is largely victimless and – to nearly everyone except RISCO Group – pretty funny. Hopefully this Tweet remains the biggest security blunder of this World Cup.