Pokemon Go: When Cybersecurity “Breaches” Real Life

Many of you may have recently seen what appear to be zombies roaming the planet in search of their next victim. 

Are you up to date with the latest mobile gaming sensation – Pokemon Go? Are you aware of the possible cybersecurity threats lurking beneath the game? 

Pokemon Go is a hit for many reasons, one of which is that it actually uses your location and surroundings as part of the game. While wandering through your neighbourhood, players can see both the houses on their street and the various Pokemon characters who magically appear- waiting to be caught. The game is addicting and engrossing, but unfortunately, it has brought with it some security issues.

First off, when the game launched, it asked for full access to your Google account information by default, allowing the game (or someone who may have compromised the game) access to a multitude of personal details such as your physical address, email, phone contacts, etc.  That has since been fixed by the developers, but it’s likely that millions of people have already inadvertently exposed their information. 

Soon after the game’s launch, a whole host of malware was created to trick users into downloading necessary applications that contain security issues, such as subscribing to unwanted services, clicking on paid advertising, and accessing additional private information.  These pieces of malware are being taken down as quickly as they can be discovered, but the potential clearly exists for more of this behavior to take place.

So what can a Pokemon master do to avoid getting breached? Here are some basic, common-sense security strategies: 

1. Never automatically accept requests to access services from applications you install.  Location awareness, access to contact information, etc. can all potentially be used against you in some way.  By default, you should never allow applications to access this information unless you understand why they want that access.

2. Always verify the author of an application before you download it.  This can be a bit difficult, but matching a company name to the application is typically a good starting point.  Then look at how many downloads it has, and the reviews or ratings of that application.  There is a high likelihood that something that has only been downloaded a few times and has a lot of negative reviews is not something you want on your device.

3. Always be cognizant of online safety with respect to the impact it can have on the real world.  If you have online “friends” that get access to your location information, it can cause all kinds of issues from stalking to burglary to something worse.  Realize that no one online is necessarily who they claim to be, and when the line between the real world and the online world gets blurred you need to take precautions.

Now go out and catch them all! 

 


An avatar of the author

BlueCat provides core services and solutions that help our customers and their teams deliver change-ready networks. With BlueCat, organizations can build reliable, secure, and agile mission-critical networks that can support transformation initiatives such as cloud adoption and automation. BlueCat’s growing portfolio includes services and solutions for automated and unified DDI management, network security, multicloud management, and network observability and health.

Related content

Article

Network Device Configuration Standardization – Thoughts on Ethan Banks’ post

Ethan Banks has an interesting newsletter called The Hot Aisle. Worth following if you’re not familiar with it, basically the thoughts of a very…

Read more
Article

Gold Standard Configuration for Network Devices

  Network and security teams in large enterprises spend quite a bit of time defining their “Gold Standard Configuration” for network…

Read more
Article

Comparing Check Point’s SmartEvent and SmartReporter vs indeni

Check Point’s SmartEvent and SmartReporter blades have made quite some progress over the last two years. The database used for collecting log data has…

Read more
Article

NERC Compliance Best Practices for Critical Infrastructure Protection (CIP) v5

We have a number of US-based energy grid operators that are leveraging indeni’s capabilities to meet the NERC CIP v5 requirements, that are soon to be…

Read more