Cyber Attacks Predicted For 2020 Summer Olympics

Now the first step is for the IOC (International Olympic Committee) to ensure every third party organisation involved in the planning and execution of the Games has secure cyber systems. Supply chains and partner organisations have notoriously been the weak link in previous cyber-attacks, leading to bigger and more well-known organisations falling victim.

The Pyeongchang 2018 Winter Olympics' website went down just before the event's Friday opening ceremony in South Korea, thanks to a cyber-attack, and stayed down for about 12 hours.

The outage left users unable to print tickets or view information about the games. Some networks around the games venues also went down. Speculation quickly suggested the outages were not accidental.

Researchers from McAfee’s Advanced Threat Research team have previously identified an implant, dubbed Gold Dragon, which has been used to target organisations associated with and involved in the Olympic Games. It’s an implant which could potentially be used again, this time to devastating effect.

There are cyber espionage groups in the wild which need to be monitored and managed. Fancy Bear (also known as APT28) is one such group, already having been caught performing cyber-attacks against, at least, sixteen national and international sporting and anti-doping organisations across three continents.

Millions of people are eagerly anticipating this summer's Olympic Games in Tokyo, and so are cyber attackers. "Events like the Olympics serve as an amplifier for cybercrime," said Emily Wilson, vice president of research at Terbium Labs speaking to Techradar.

Cyber attackers will be exploiting the "increased distraction around the Olympics, allowing them to be more successful."

When people are travelling and out of their element, they may be more suspicious of the emails they receive, but when it comes to an event like the Olympic games their defences may be down. So if they get an email saying their hotel reservation has been cancelled or a last-minute notification that a ticket to an event requires another level of validation, for example, "there is a higher sense of urgency," Wilson explained.

Organisations that are sending employees to work at the games can expect to see a spike in phishing as well as business email compromises (BECs), which will have significant repercussions, including account takeovers and identity theft from credit card fraud.

"It's a really good way for fraudsters to prey on those unusual streams of purchases." While your bank will be paying attention to these transactions, it's difficult for them to determine what a typical pattern of spending looks like....No financial institution wants to block someone's credit card in the middle of international travel, in the middle of the Olympic games," she said, "because it's unusual activity, and consumers are going to be spending in a way they haven't in the past." Wilson said.

Two-factor and multifactor authentication are crucial elements of the Olympic security efforts, as well better education and security awareness amog Olympic. It also means employees and other attendees "have to slow down to make sure we're not getting taken advantage of," she said. Closely review any communications you receive and familiarize yourself with what the official emails from the IOC and ticket issuers look like, Wilson advised.

Hacking Growing

Another reason to be overly cautious is that the dark web criminal market is ull of ease of use tools that can teach cybercriminals how to be more successful with things like phishing. People can also purchase "scam pages," preformatted, precoded pages or websites designed to mimic a major brand, which saves them the trouble of having to do the work themselves. Scam pages are designed both for desktops and mobile devices, "and that's a great way to take advantage of people who are travelling or on the go, which means they're going to be more distracted and perhaps more susceptible to a phishing email."

The Olympics run from July 24th  to August 9th and the experts at Terbium think that cyber attacks will start in early in April and will "build up to a crescendo in the weeks immediately preceding and during the Olympics, as criminals prey on that sense of urgency the closer we get to the games starting."

TechRepublic:          TechRadar

You Might Also Read:

Russian Spies Hacked The Korean Olympics:

 

 

 

« New UK Cyber Force Targets Terror Groups
Where Is Iran's Cyber Response To It's General's Assassination? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cloud53

Cloud53

Cloud53 specialise in improving operational IT through strategic use of Cloud technologies and services.

Fortify Experts

Fortify Experts

Fortify Experts is a search and recruitment firm specializing in Cyber Security.

ZM CIRT

ZM CIRT

ZM CIRT is the national Computer Incident Response Team for Zambia.

Centurion Information Security

Centurion Information Security

Centurion Information Security is a consulting firm based in Singapore that specialises in penetration testing and security assessment services.

Certis

Certis

Certis is a leading advanced integrated security organisation that develops and delivers multi-disciplinary security and integrated services.

iQuila

iQuila

iQuila is a virtual overlay network which runs on top of an existing network. It creates a secure software enabled layer 2 connection across the internet or any public or private cloud.

ST Engineering

ST Engineering

ST Engineering is a leading provider of trusted and innovative cybersecurity solutions.

Rigado

Rigado

Rigado's mission is to enable commercial IoT success by providing high-performance secure and scalable wireless edge connectivity and network infrastructure.

Nemko

Nemko

Nemko offers testing, inspection, and certification services worldwide, mainly concerning products and systems, but also for machinery, installations, and personnel.

Calyptix Security

Calyptix Security

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology.

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance is a global, non-profit industry association which is working to enable a secure connected future.

Melius Cyber Security

Melius Cyber Security

Melius Cyber Security has developed a world-leading SaaS platform, Cyber Safe Plus, built around continuous assessment and improvement through vulnerability scanning and penetration testing

Certo Software

Certo Software

Certo are trusted experts in mobile security. At Certo, mobile security is not an afterthought, it’s what we do.

Dutch Research Council (NWO)

Dutch Research Council (NWO)

The Dutch Research Council (NWO) is one of the most important science-funding bodies in the Netherlands and ensures quality and innovation in science.

CSIRT-Gnd

CSIRT-Gnd

CSIRT-Gnd provides 24x7 Computer Security Incident Response Services to citizens, companies and government agencies in Grenada.

Defend-OT

Defend-OT

Defend-OT is a Belgium-based cybersecurity firm specializing in OT environments.