Olympic Sponsors Are Prime Targets For Hackers

As the Olympic Games begin following arson attacked on the transport network surrounding Paris, there is a  heightened threat of cyber attacks in Paris, especially targeting key sponsors and those closely associated with the event.

Now, cyber security and threat exposure firm Tenable is warning that all those at risk to  be extra vigilant against cyber attacks such as ransomware, identity management breaches, and physical attacks on hardware like CCTV and ticket gates. 

“Organisations associated with the games will soon enter an IT ‘freeze’ period, meaning their systems will be left as they are to avoid any periods of inaccessibility or disruption,” said Bernard Montel, EMEA Technical Director and Security Strategist at Tenable. “Whilst this makes sense, it also makes systems incredibly vulnerable because of a lack of proactive security updating.”

Threat actors will be all too aware that any disruption to services would be devastating. This could mean organisations are more vulnerable to extortion in an effort to resolve any outages as quickly as possible and 
with all eyes on Paris  hackers could see the Games as an opportunity too good to miss.

  • This year, it's not beyond the realms of possibility to see an attack targeting CCTV, security gates, ticket turnstiles, travel infrastructure or even energy providers. 
  • Another avenue that could be targeted is the sound systems and big screens within venues, or even online streaming platforms, with inflammatory messages and other defacing efforts. 

Recently Microsoft warned of an intense disinformation campaign by Russia aimed at tarnishing the reputation of the International Olympic Committee and stoking fears of violence at the 2024 Games. Securing infrastructure from cybersecurity threats requires a combination of resources, people, and technology.  

For those at risk throughout July, Tenable recommends: 

  • Patch and Permission:  Conduct a full inventory check of all software updates, apply patches, and revise user permissions.   
  • Bolster User Access:  Identify admin accounts and strengthen access with multi-factor authentication.
  • No ID, No Entry:  Carefully consider access and identity management, creating accounts only in exceptional circumstances.
  • Behaviour Monitoring:  Implement continuous monitoring for signs of abnormal behaviour or suspicious activity.
  • Stand By for Action:  Ensure security teams are on standby, ready to take immediate action if a critical vulnerability is identified. 

“The Olympic motto is Citius, Altius, Fortius, meaning Faster, Higher, Stronger. While Olympians live and breathe this sentiment, so too do the hackers and scammers preparing to exploit the Games... There are many sponsors and suppliers preparing to successfully deliver Paris 2024, all of whom will have dedicated infrastructure and resources. Unfortunately, this makes them prime targets for hackers over the next month.” ” Montel continued. 

Also commenting, Steve Bradford, Senior Vice President EMEA at SailPoint said “Between tourists, athletes, sports federations, partner companies and public authorities, the playground for hackers is virtually unlimited. Companies involved in the Games need to be on constant alert and equip themselves with the tools they need to ensure their security."

“Cyber security during major events like these is a collective challenge requiring vigilance, preparation and cooperation at all levels.” according to Bradford.

Businesses are at their most vulnerable during periods of high user traffic because increased activity strains security infrastructures, making it easier for cyber criminals to exploit weaknesses and infiltrate systems. The Korea 2018 Winters Games experienced an attack that interupted the opening ceremony. 

Tenable

Image: HJBC 

You Might Also Read: 

Major Sporting Events Are Open Targets:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

« Video Game Actors Fear Being Replace By AI 
Overcoming Obstacles To Zero Trust Adoption »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Bundesdruckerei

Bundesdruckerei

Bundesdruckerei specializes in secure identity technologies and services for protecting sensitive data, communications and infrastructures.

MSAB

MSAB

MSAB is a pioneer in forensic technology for mobile device examination.

CybelAngel

CybelAngel

CybelAngel is a leading digital risk protection platform that detects and resolves external threats before these wreak havoc.

IABG

IABG

IABG offer independent, product-neutral consulting as well as technical and scientific services for the use of safety-relevant systems and technologies.

NetLib Security

NetLib Security

NetLib Security’s powerful, patented data security platform helps companies control data loss prevention (DLP) by managing what data can be transferred outside of their network.

Platin Bilişim

Platin Bilişim

Platin Bilisim is an IT Security company providing consultancy, solutions and operational support services.

Cyber Defense Agency (CDA)

Cyber Defense Agency (CDA)

Cyber Defense Agency is a premier professional services firm specializing in cyber security, computer network defense, and information security.

OISTE Foundation

OISTE Foundation

OISTE foundation allows users to control their digital identities using well-understood and secure algorithms that ensure the continued validity of an identity and its claims.

OurCrowd

OurCrowd

OurCrowd is a leading equity crowdfunding platform for investing in global startups.

Semmle

Semmle

Semmle's code analysis platform helps teams find zero-days and automate variant analysis. Secure your code with continuous security analysis and automated code review.

Intel

Intel

Intel products are engineered with built-in security technologies to help protect potential attack surfaces.

Sentrium Security

Sentrium Security

Sentrium is committed to helping organisations protect their technology, information and people. Our range of bespoke services provide solutions to tackle a broad range of cyber security challenges.

Novacoast

Novacoast

Novacoast helps organizations find, create & implement solutions for a powerful security posture through advisory, engineering, development & managed services.

Jera IT

Jera IT

Jera IT provide fully managed IT support, cybersecurity services, telecoms systems, and IT strategy consultancy to businesses based in Aberdeen and the surrounding area.

CardinalOps

CardinalOps

The CardinalOps platform continuously assesses your detection posture and eliminates coverage gaps in your existing detection stack so you can easily implement a threat-informed defense.

VT Group (VTG)

VT Group (VTG)

VTG delivers force modernization and digital transformation solutions that expand America’s competitive advantage in the modern battlespace.