Olympic Sponsors Are Prime Targets For Hackers

Uploaded on 2024-07-29 in GOVERNMENT-National, GOVERNMENT-Law Enforcement, FREE TO VIEW

As the Olympic Games begin following arson attacked on the transport network surrounding Paris, there is a  heightened threat of cyber attacks in Paris, especially targeting key sponsors and those closely associated with the event.

Now, cyber security and threat exposure firm Tenable is warning that all those at risk to  be extra vigilant against cyber attacks such as ransomware, identity management breaches, and physical attacks on hardware like CCTV and ticket gates. 

“Organisations associated with the games will soon enter an IT ‘freeze’ period, meaning their systems will be left as they are to avoid any periods of inaccessibility or disruption,” said Bernard Montel, EMEA Technical Director and Security Strategist at Tenable. “Whilst this makes sense, it also makes systems incredibly vulnerable because of a lack of proactive security updating.”

Threat actors will be all too aware that any disruption to services would be devastating. This could mean organisations are more vulnerable to extortion in an effort to resolve any outages as quickly as possible and 
with all eyes on Paris  hackers could see the Games as an opportunity too good to miss.

  • This year, it's not beyond the realms of possibility to see an attack targeting CCTV, security gates, ticket turnstiles, travel infrastructure or even energy providers. 
  • Another avenue that could be targeted is the sound systems and big screens within venues, or even online streaming platforms, with inflammatory messages and other defacing efforts. 

Recently Microsoft warned of an intense disinformation campaign by Russia aimed at tarnishing the reputation of the International Olympic Committee and stoking fears of violence at the 2024 Games. Securing infrastructure from cybersecurity threats requires a combination of resources, people, and technology.  

For those at risk throughout July, Tenable recommends: 

  • Patch and Permission:  Conduct a full inventory check of all software updates, apply patches, and revise user permissions.   
  • Bolster User Access:  Identify admin accounts and strengthen access with multi-factor authentication.
  • No ID, No Entry:  Carefully consider access and identity management, creating accounts only in exceptional circumstances.
  • Behaviour Monitoring:  Implement continuous monitoring for signs of abnormal behaviour or suspicious activity.
  • Stand By for Action:  Ensure security teams are on standby, ready to take immediate action if a critical vulnerability is identified. 

“The Olympic motto is Citius, Altius, Fortius, meaning Faster, Higher, Stronger. While Olympians live and breathe this sentiment, so too do the hackers and scammers preparing to exploit the Games... There are many sponsors and suppliers preparing to successfully deliver Paris 2024, all of whom will have dedicated infrastructure and resources. Unfortunately, this makes them prime targets for hackers over the next month.” ” Montel continued. 

Also commenting, Steve Bradford, Senior Vice President EMEA at SailPoint said “Between tourists, athletes, sports federations, partner companies and public authorities, the playground for hackers is virtually unlimited. Companies involved in the Games need to be on constant alert and equip themselves with the tools they need to ensure their security."

“Cyber security during major events like these is a collective challenge requiring vigilance, preparation and cooperation at all levels.” according to Bradford.

Businesses are at their most vulnerable during periods of high user traffic because increased activity strains security infrastructures, making it easier for cyber criminals to exploit weaknesses and infiltrate systems. The Korea 2018 Winters Games experienced an attack that interupted the opening ceremony. 

Tenable

Image: HJBC 

You Might Also Read: 

Major Sporting Events Are Open Targets:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Video Game Actors Fear Being Replace By AI 
Overcoming Obstacles To Zero Trust Adoption »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IASME Consortium

IASME Consortium

IASME is one of five companies appointed as Accreditation Bodies for assessing and certifying against the UK Government's Cyber Essentials Scheme.

GovCERT.CZ

GovCERT.CZ

GovCERT.CZ is the Government Computer Emergency Response Team of the Czech Republic.

SI-CERT

SI-CERT

SI-CERT (Slovenian Computer Emergency Response Team) is the national cyber scurity incident response center for Slovenia.

D3 Security

D3 Security

D3's Smart SOAR platform is at the forefront of the security automation revolution, helping clients around the world to rapidly identify, analyze, and resolve advanced threats.

Signal Sciences

Signal Sciences

Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform.

Exatel

Exatel

Exatel is Poland’s leading provider of ICT security services.

Sergeant Laboratories

Sergeant Laboratories

Sergeant Laboratories builds advanced technologies to prove compliance in complex IT security and regulatory compliance situations.

BotRx

BotRx

BotRx is the only AI-enabled, automated fraud protection technology that allows fast & easy deployment - continually keeping invisible bad bots and agents at bay, so you can rest easy.

Hudson Cybertec

Hudson Cybertec

Hudson Cybertec are an internationally recognized Subject Matter Expert for cyber security in the Industrial Automation & Control Systems (IACS) domain.

Toothpic

Toothpic

ToothPic has invented, designed, developed and patented a solution to enable companies to turn every smartphone into a secure key for a user-friendly online authentication.

SIXGEN

SIXGEN

SIXGEN provides incident response, operational and penetration testing, red teaming, tool development, cyber training development and continuous monitoring.

VISTA InfoSec

VISTA InfoSec

VISTA InfoSec is a global Information Security Consulting firm with offices based in US, UK, Singapore and India.

Team Secure

Team Secure

Team Secure provide Enterprise-grade Cyber Security consultancy, managed security services and cyber security staffing services.

Kubus Hitam

Kubus Hitam

Kubus Hitam are a research-based company focused on cyber security. we strongly believe that innovation and safety are the two keywords for the future business market.

SquareX

SquareX

Squarex secures your online activities without compromising productivity.

Downdetector

Downdetector

Downdetector helps people all over the world understand disruptions to vital services such as the internet, social media, web hosting platforms, banks, games, entertainment, and more.