Olympic Sponsors Are Prime Targets For Hackers
As the Olympic Games begin following arson attacked on the transport network surrounding Paris, there is a heightened threat of cyber attacks in Paris, especially targeting key sponsors and those closely associated with the event.
Now, cyber security and threat exposure firm Tenable is warning that all those at risk to be extra vigilant against cyber attacks such as ransomware, identity management breaches, and physical attacks on hardware like CCTV and ticket gates.
“Organisations associated with the games will soon enter an IT ‘freeze’ period, meaning their systems will be left as they are to avoid any periods of inaccessibility or disruption,” said Bernard Montel, EMEA Technical Director and Security Strategist at Tenable. “Whilst this makes sense, it also makes systems incredibly vulnerable because of a lack of proactive security updating.”
Threat actors will be all too aware that any disruption to services would be devastating. This could mean organisations are more vulnerable to extortion in an effort to resolve any outages as quickly as possible and
with all eyes on Paris hackers could see the Games as an opportunity too good to miss.
- This year, it's not beyond the realms of possibility to see an attack targeting CCTV, security gates, ticket turnstiles, travel infrastructure or even energy providers.
- Another avenue that could be targeted is the sound systems and big screens within venues, or even online streaming platforms, with inflammatory messages and other defacing efforts.
Recently Microsoft warned of an intense disinformation campaign by Russia aimed at tarnishing the reputation of the International Olympic Committee and stoking fears of violence at the 2024 Games. Securing infrastructure from cybersecurity threats requires a combination of resources, people, and technology.
For those at risk throughout July, Tenable recommends:
- Patch and Permission: Conduct a full inventory check of all software updates, apply patches, and revise user permissions.
- Bolster User Access: Identify admin accounts and strengthen access with multi-factor authentication.
- No ID, No Entry: Carefully consider access and identity management, creating accounts only in exceptional circumstances.
- Behaviour Monitoring: Implement continuous monitoring for signs of abnormal behaviour or suspicious activity.
- Stand By for Action: Ensure security teams are on standby, ready to take immediate action if a critical vulnerability is identified.
“The Olympic motto is Citius, Altius, Fortius, meaning Faster, Higher, Stronger. While Olympians live and breathe this sentiment, so too do the hackers and scammers preparing to exploit the Games... There are many sponsors and suppliers preparing to successfully deliver Paris 2024, all of whom will have dedicated infrastructure and resources. Unfortunately, this makes them prime targets for hackers over the next month.” ” Montel continued.
Also commenting, Steve Bradford, Senior Vice President EMEA at SailPoint said “Between tourists, athletes, sports federations, partner companies and public authorities, the playground for hackers is virtually unlimited. Companies involved in the Games need to be on constant alert and equip themselves with the tools they need to ensure their security."
“Cyber security during major events like these is a collective challenge requiring vigilance, preparation and cooperation at all levels.” according to Bradford.
Businesses are at their most vulnerable during periods of high user traffic because increased activity strains security infrastructures, making it easier for cyber criminals to exploit weaknesses and infiltrate systems. The Korea 2018 Winters Games experienced an attack that interupted the opening ceremony.
Image: HJBC
You Might Also Read:
Major Sporting Events Are Open Targets:
If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquiries: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible