Nation-state and criminal hackers are targeting the Winter Olympics at a rapidly increasing rate, raising fears of phishing scams, hacks and other disruptive attacks. Already, the US government has warned its citizens to remain vigilant when it comes to cybersecurity risks during the event in Pyeongchang.
More recently, security firm McAfee has discovered malware that serves as the second-stage payload in a phishing campaign targeting organisations that are involved with the 2018 Winter Olympics. They released a report on Friday, detailing the discovery and analysis of the attack. IT security experts commented below.
Thomas Richards, Associate Principal Consultant at Synopsys:
“The Winter Olympics present a significant security challenge with regards to preventing attacks against the physical, social, and technical stacks that are important to the Olympics. With the Olympics happening once every 4 years, and always in a different place, the infrastructure to support the events will need to be built from the ground up every time. This will bring a flurry of activity and will involve contractors from multiple agencies working and running the events. With the physical scope of these events being so immense, tracking authorised personnel will be difficult. This may create opportunities for malicious actors to impersonate authorised personnel by dressing or acting the same, and attempting to enter restricted areas.
“Once inside the Olympic Village, the security will probably be the best for attendees, staff, and athletes. However, the protections will most likely not extend once outside the protective gates. Visitors should be cautious when exploring the city, especially after hours. Local crimes of opportunity, such as muggings and petty theft, may increase due to the sudden influx of foreign visitors. Visitors should also be wary of any scams that may involve cheap or easy ways to get access to meet athletes or get into the Olympic village. If an opportunity sounds too good to be true, it most often is not true. Visitors should keep their mobile devices close to their body as possible and enable passwords on the devices to prevent use in the event they are stolen.
“With the Olympics being a word class event, the cyber security attacks may show an advanced level of techniques. The Olympics security team should employ the latest in phishing and spam prevention techniques. This includes performing domain aging checks on any emails that are sent to Olympic emails, putting alerts on any emails coming from an external domain, and diligently informing staff that attackers may try to impersonate Olympic staff members and vendors. Any email requesting members to download attachments or visit a page which requires entering credentials should be highly suspect and reported to the security teams for investigation.
“The worst case scenario. resulting from someone hacking the 2018 Winter Olympics, would be a disruption of events. Almost all of the events will rely on computers for time and record keeping, disabling or modifying these systems may cause erroneous results. Additionally, the personal information of Olympic officials and athletes could be exposed due to a compromise of the computing systems.”
Hervé Dhelin, SVP Strategy at EfficientIP:
“Sporting events are ideal opportunities for hackers to strike. The attendance and attention to tournaments such as the Olympics, the World Cup or Grand Slam tennis events give them the rare occasion to attack a vast number of people with a known common interest. This is an ideal occasion for spoofing with phishing or volumetric attacks at the event itself.
Hacking team records and insider information on fitness could greatly alter betting odds; athletes’ personal data could be used for fraud; spectators, journalists and staff may have severely delayed or blocked Internet access; fans may unintentionally buy fake tickets; and a breach to the event site and infrastructure could damage the brand and its reputation. It’s a goldmine for those who aren’t looking to earn gold medals.”
EfficientIP has worked with Roland Garros to solve these issues pertaining to major tennis events. “We knew that DNS was critical and that it could be a target but also a vector of cyber-attacks,” explained Franck Labat, CTO of the French Tennis Federation (FFT). “We wanted a hardware-like appliance that could be easily integrated into our existing IT environment”.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.