Cyber Attacks Predicted For 2020 Summer Olympics

Now the first step is for the IOC (International Olympic Committee) to ensure every third party organisation involved in the planning and execution of the Games has secure cyber systems. Supply chains and partner organisations have notoriously been the weak link in previous cyber-attacks, leading to bigger and more well-known organisations falling victim.

The Pyeongchang 2018 Winter Olympics' website went down just before the event's Friday opening ceremony in South Korea, thanks to a cyber-attack, and stayed down for about 12 hours.

The outage left users unable to print tickets or view information about the games. Some networks around the games venues also went down. Speculation quickly suggested the outages were not accidental.

Researchers from McAfee’s Advanced Threat Research team have previously identified an implant, dubbed Gold Dragon, which has been used to target organisations associated with and involved in the Olympic Games. It’s an implant which could potentially be used again, this time to devastating effect.

There are cyber espionage groups in the wild which need to be monitored and managed. Fancy Bear (also known as APT28) is one such group, already having been caught performing cyber-attacks against, at least, sixteen national and international sporting and anti-doping organisations across three continents.

Millions of people are eagerly anticipating this summer's Olympic Games in Tokyo, and so are cyber attackers. "Events like the Olympics serve as an amplifier for cybercrime," said Emily Wilson, vice president of research at Terbium Labs speaking to Techradar.

Cyber attackers will be exploiting the "increased distraction around the Olympics, allowing them to be more successful."

When people are travelling and out of their element, they may be more suspicious of the emails they receive, but when it comes to an event like the Olympic games their defences may be down. So if they get an email saying their hotel reservation has been cancelled or a last-minute notification that a ticket to an event requires another level of validation, for example, "there is a higher sense of urgency," Wilson explained.

Organisations that are sending employees to work at the games can expect to see a spike in phishing as well as business email compromises (BECs), which will have significant repercussions, including account takeovers and identity theft from credit card fraud.

"It's a really good way for fraudsters to prey on those unusual streams of purchases." While your bank will be paying attention to these transactions, it's difficult for them to determine what a typical pattern of spending looks like....No financial institution wants to block someone's credit card in the middle of international travel, in the middle of the Olympic games," she said, "because it's unusual activity, and consumers are going to be spending in a way they haven't in the past." Wilson said.

Two-factor and multifactor authentication are crucial elements of the Olympic security efforts, as well better education and security awareness amog Olympic. It also means employees and other attendees "have to slow down to make sure we're not getting taken advantage of," she said. Closely review any communications you receive and familiarize yourself with what the official emails from the IOC and ticket issuers look like, Wilson advised.

Hacking Growing

Another reason to be overly cautious is that the dark web criminal market is ull of ease of use tools that can teach cybercriminals how to be more successful with things like phishing. People can also purchase "scam pages," preformatted, precoded pages or websites designed to mimic a major brand, which saves them the trouble of having to do the work themselves. Scam pages are designed both for desktops and mobile devices, "and that's a great way to take advantage of people who are travelling or on the go, which means they're going to be more distracted and perhaps more susceptible to a phishing email."

The Olympics run from July 24th  to August 9th and the experts at Terbium think that cyber attacks will start in early in April and will "build up to a crescendo in the weeks immediately preceding and during the Olympics, as criminals prey on that sense of urgency the closer we get to the games starting."

TechRepublic:          TechRadar

You Might Also Read:

Russian Spies Hacked The Korean Olympics:

 

 

 

« New UK Cyber Force Targets Terror Groups
Where Is Iran's Cyber Response To It's General's Assassination? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

GlobalSign

GlobalSign

GlobalSign is an identity services company providing cloud-based, PKI solutions for enterprises needing to conduct safe commerce, communications, content delivery and community interactions.

RKH Specialty

RKH Specialty

RKH Specialty, part of the Hyperion Insurance Group, is a provider of specialty insurance services including Cyber Risk cover.

VMRay

VMRay

VMRay delivers advanced threat analysis and detection that combines a unique agentless hypervisor-based network sandbox with a real-time reputation engine.

NSIT

NSIT

NSIT SAS is a consulting, advisory and service provider in IT systems. Solution areas include networking & infrastructure, IT management & administration, and cyber security.

Gita Technologies

Gita Technologies

Gita Technologies works to create integrated solutions to the thorniest problems in the field of intelligence and cyber today.

Zighra

Zighra

Zighra is a leading provider of On-Device AI solutions for continuous authentication and fraud detection on mobile and web applications.

Advisera 27001Academy

Advisera 27001Academy

Advisera is a market leader in providing documentation and online support for the implementation of business standards including ISO 27001, ISO 22301 and EU GDPR.

Ksmartech

Ksmartech

Ksmartech provide services related to security and authentication in all areas where the connection of people to objects, and objects and objects is necessary.

Findcourses.co.uk

Findcourses.co.uk

Findcourses is a dedicated education search engine designed to make it easy for our learners to search and find exactly what they need from our community of trusted training providers.

Macquarie Telecom Group

Macquarie Telecom Group

Macquarie Telecom is Australia's datacentre, cloud, cyber security and telecom company for mid-large business and government customers.

BlueHalo

BlueHalo

BlueHalo is purpose-built to provide industry capabilities in the domains of Space Superiority and Directed Energy, Missile Defense and C4ISR, and Cyber and Intelligence.

Halogen Group

Halogen Group

Halogen Group is the leading Security Solutions Provider in West Africa. Services encompass Physical Security, Electronic Security, Virtual & Cyber Security, Risk Assessments and Training.

Lumifi

Lumifi

Lumifi provide end-to-end cybersecurity resilience solutions with a specialty in managed detection and response (MDR) services.

LogicMonitor

LogicMonitor

LogicMonitor provides SaaS-based IT infrastructure monitoring services for on-premises and multi-cloud environments.

Protect AI

Protect AI

Protect AI is a cybersecurity company focused on AI & ML systems. Through innovative security products and thought leadership in MLSecOps, we help our customers build a safer AI powered world.

Academia the Technology Group

Academia the Technology Group

Academia specialise in the supply of software, IT hardware, training and service solutions to the public sectors, business and pro media markets.