Cyber Attacks Predicted For 2020 Summer Olympics

Uploaded on 2020-03-18 in FREE TO VIEW

Now the first step is for the IOC (International Olympic Committee) to ensure every third party organisation involved in the planning and execution of the Games has secure cyber systems. Supply chains and partner organisations have notoriously been the weak link in previous cyber-attacks, leading to bigger and more well-known organisations falling victim.

The Pyeongchang 2018 Winter Olympics' website went down just before the event's Friday opening ceremony in South Korea, thanks to a cyber-attack, and stayed down for about 12 hours.

The outage left users unable to print tickets or view information about the games. Some networks around the games venues also went down. Speculation quickly suggested the outages were not accidental.

Researchers from McAfee’s Advanced Threat Research team have previously identified an implant, dubbed Gold Dragon, which has been used to target organisations associated with and involved in the Olympic Games. It’s an implant which could potentially be used again, this time to devastating effect.

There are cyber espionage groups in the wild which need to be monitored and managed. Fancy Bear (also known as APT28) is one such group, already having been caught performing cyber-attacks against, at least, sixteen national and international sporting and anti-doping organisations across three continents.

Millions of people are eagerly anticipating this summer's Olympic Games in Tokyo, and so are cyber attackers. "Events like the Olympics serve as an amplifier for cybercrime," said Emily Wilson, vice president of research at Terbium Labs speaking to Techradar.

Cyber attackers will be exploiting the "increased distraction around the Olympics, allowing them to be more successful."

When people are travelling and out of their element, they may be more suspicious of the emails they receive, but when it comes to an event like the Olympic games their defences may be down. So if they get an email saying their hotel reservation has been cancelled or a last-minute notification that a ticket to an event requires another level of validation, for example, "there is a higher sense of urgency," Wilson explained.

Organisations that are sending employees to work at the games can expect to see a spike in phishing as well as business email compromises (BECs), which will have significant repercussions, including account takeovers and identity theft from credit card fraud.

"It's a really good way for fraudsters to prey on those unusual streams of purchases." While your bank will be paying attention to these transactions, it's difficult for them to determine what a typical pattern of spending looks like....No financial institution wants to block someone's credit card in the middle of international travel, in the middle of the Olympic games," she said, "because it's unusual activity, and consumers are going to be spending in a way they haven't in the past." Wilson said.

Two-factor and multifactor authentication are crucial elements of the Olympic security efforts, as well better education and security awareness amog Olympic. It also means employees and other attendees "have to slow down to make sure we're not getting taken advantage of," she said. Closely review any communications you receive and familiarize yourself with what the official emails from the IOC and ticket issuers look like, Wilson advised.

Hacking Growing

Another reason to be overly cautious is that the dark web criminal market is ull of ease of use tools that can teach cybercriminals how to be more successful with things like phishing. People can also purchase "scam pages," preformatted, precoded pages or websites designed to mimic a major brand, which saves them the trouble of having to do the work themselves. Scam pages are designed both for desktops and mobile devices, "and that's a great way to take advantage of people who are travelling or on the go, which means they're going to be more distracted and perhaps more susceptible to a phishing email."

The Olympics run from July 24th  to August 9th and the experts at Terbium think that cyber attacks will start in early in April and will "build up to a crescendo in the weeks immediately preceding and during the Olympics, as criminals prey on that sense of urgency the closer we get to the games starting."

TechRepublic:          TechRadar

You Might Also Read:

Russian Spies Hacked The Korean Olympics:

 

 

 

« New UK Cyber Force Targets Terror Groups
Where Is Iran's Cyber Response To It's General's Assassination? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

PECB

PECB

PECB is a certification body for persons, management systems, and products on a wide range of international standards in a range of areas including Information Security and Risk Management.

Shape Security

Shape Security

Shape Security provide best-in-class defense against malicious automated cyberattacks on web and mobile applications.

IPQualityScore (IPQS)

IPQualityScore (IPQS)

IPQS anti-fraud tools provide a real-time fraud score to analyze how likely a user or visitor is to engage in fraudulent behavior.

Identity Defined Security Alliance (IDSA)

Identity Defined Security Alliance (IDSA)

IDSA is a group of identity and security vendors, solution providers and practitioners that acts as an independent source of education and information on identity-centric security strategies.

Pentera Security

Pentera Security

Pentera (formerly Pcysys) is focused on the inside threat. Our automated penetration-testing platform mimics the hacker's attack - automating the discovery of vulnerabilities.

ChainSecurity

ChainSecurity

ChainSecurity provides products and services for securing smart contracts and blockchain protocols and conducts R&D in the areas of security, program analysis, and machine learning.

LinkShadow

LinkShadow

LinkShadow is a next-generation cybersecurity solution that provides unparalleled detection of even the most sophisticated threats.

Antares NetlogiX

Antares NetlogiX

Antares Netlogix are a leading Austrian service provider for IT security, critical infrastructures and managed security services.

AutoSec

AutoSec

AutoSec supports the FFI program Electronics, Software and Communication by dissemination and exploitation of the results of projects related to automotive cybersecurity.

Toka Group

Toka Group

Toka empowers government agencies with critical and previously out-of-reach digital forensics, force protection and Intelligence capabilities, tackling the fields' most pressing challenges.

AirDroid Business

AirDroid Business

AirDroid Business is an efficient mobile device management solution for Android devices, helping businesses to remotely control and access devices in large quantities using a centralized approach.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.

Interactive

Interactive

Interactive are a leading Australian IT service provider with services in Cloud, Cyber Security, Data Centres, Business Continuity, Hardware Maintenance, Digital Workplace, and Networks.

ABM Technology Group

ABM Technology Group

ABM Technology Group (formerly True IT) provide business information technology services, solutions, and consulting for small to mid-sized organizations.

Intertec Systems

Intertec Systems

Intertec Systems is an award-winning, global IT solutions and services provider that specializes in digital transformation, cybersecurity, sustainability, and cloud services.

Zafran

Zafran

Zafran is a Risk & Mitigation Platform that defuses threat exploitation by mobilizing existing security tools.