Olympic Sponsors Are Prime Targets For Hackers

Uploaded on 2024-07-29 in GOVERNMENT-National, GOVERNMENT-Law Enforcement, FREE TO VIEW

As the Olympic Games begin following arson attacked on the transport network surrounding Paris, there is a  heightened threat of cyber attacks in Paris, especially targeting key sponsors and those closely associated with the event.

Now, cyber security and threat exposure firm Tenable is warning that all those at risk to  be extra vigilant against cyber attacks such as ransomware, identity management breaches, and physical attacks on hardware like CCTV and ticket gates. 

“Organisations associated with the games will soon enter an IT ‘freeze’ period, meaning their systems will be left as they are to avoid any periods of inaccessibility or disruption,” said Bernard Montel, EMEA Technical Director and Security Strategist at Tenable. “Whilst this makes sense, it also makes systems incredibly vulnerable because of a lack of proactive security updating.”

Threat actors will be all too aware that any disruption to services would be devastating. This could mean organisations are more vulnerable to extortion in an effort to resolve any outages as quickly as possible and 
with all eyes on Paris  hackers could see the Games as an opportunity too good to miss.

  • This year, it's not beyond the realms of possibility to see an attack targeting CCTV, security gates, ticket turnstiles, travel infrastructure or even energy providers. 
  • Another avenue that could be targeted is the sound systems and big screens within venues, or even online streaming platforms, with inflammatory messages and other defacing efforts. 

Recently Microsoft warned of an intense disinformation campaign by Russia aimed at tarnishing the reputation of the International Olympic Committee and stoking fears of violence at the 2024 Games. Securing infrastructure from cybersecurity threats requires a combination of resources, people, and technology.  

For those at risk throughout July, Tenable recommends: 

  • Patch and Permission:  Conduct a full inventory check of all software updates, apply patches, and revise user permissions.   
  • Bolster User Access:  Identify admin accounts and strengthen access with multi-factor authentication.
  • No ID, No Entry:  Carefully consider access and identity management, creating accounts only in exceptional circumstances.
  • Behaviour Monitoring:  Implement continuous monitoring for signs of abnormal behaviour or suspicious activity.
  • Stand By for Action:  Ensure security teams are on standby, ready to take immediate action if a critical vulnerability is identified. 

“The Olympic motto is Citius, Altius, Fortius, meaning Faster, Higher, Stronger. While Olympians live and breathe this sentiment, so too do the hackers and scammers preparing to exploit the Games... There are many sponsors and suppliers preparing to successfully deliver Paris 2024, all of whom will have dedicated infrastructure and resources. Unfortunately, this makes them prime targets for hackers over the next month.” ” Montel continued. 

Also commenting, Steve Bradford, Senior Vice President EMEA at SailPoint said “Between tourists, athletes, sports federations, partner companies and public authorities, the playground for hackers is virtually unlimited. Companies involved in the Games need to be on constant alert and equip themselves with the tools they need to ensure their security."

“Cyber security during major events like these is a collective challenge requiring vigilance, preparation and cooperation at all levels.” according to Bradford.

Businesses are at their most vulnerable during periods of high user traffic because increased activity strains security infrastructures, making it easier for cyber criminals to exploit weaknesses and infiltrate systems. The Korea 2018 Winters Games experienced an attack that interupted the opening ceremony. 

Tenable

Image: HJBC 

You Might Also Read: 

Major Sporting Events Are Open Targets:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Video Game Actors Fear Being Replace By AI 
Overcoming Obstacles To Zero Trust Adoption »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

British Insurance Brokers’ Association (BIBA)

British Insurance Brokers’ Association (BIBA)

BIBA is the UK’s leading general insurance intermediary organisation. Use the ‘Find Insurance‘ section of the BIBA website to find providers of cyber risk insurance in the UK.

Upstream Security

Upstream Security

Upstream Security is the first cloud-based cyber-security solution that protects the technologies and applications of connected and autonomous vehicles.

Calian Group

Calian Group

Calian is a diverse Canadian company offering professional services in areas including Advanced Technologies, Health, Learning and IT & Cyber Solutions.

TUV Rheinland Group

TUV Rheinland Group

TUV Rheinland Group is a testing services company with nearly 145 years of technological experience. We help you to protect your systems comprehensively, proactively and permanently.

Telelogos

Telelogos

Telelogos is a European provider of Enterprise Mobility Management software, Digital Signage software and Data Transfer and Synchronization software.

Fend

Fend

Fend secures smart infrastructure. We provide a robust, highly secure way to have situational awareness of IoT enabled assets.

Envelop Risk

Envelop Risk

Envelop Risk is a global specialty cyber insurance firm, combining decades of insurance industry expertise with sophisticated cyber and artificial intelligence-based analytics.

CyberCyte

CyberCyte

CyberCyte provides a disruptive built-in integrated physical, network and perimeter security solution framework.

SignalSEC

SignalSEC

SignalSEC provides vulnerability intelligence, malware analysis, penetration testing and associated training services.

Mitnick Security

Mitnick Security

Mitnick Security is a leading global provider of information security consulting and training services.

Seigur

Seigur

Seigur is an IT consultancy business providing flexible legal and cyber security services for IT and data privacy programmes.

Cognilytica

Cognilytica

Cognilytica’s Cognitive Project Management for AI (CPMAI) training and certification is recognized around the world as the best practices methodology for implementing successful AI & ML projects.

CDS

CDS

CDS is a strategic change agency enabling organisations and businesses to create and build better services to meet the evolving needs of customers, employees and citizens.

Rhymetec

Rhymetec

Rhymetec are an industry leader in cloud security, providing innovative cybersecurity and data privacy services to the modern-day SaaS business.

InterSources

InterSources

InterSources is a trusted partner, leading the way in Cloud Security, Cybersecurity, PLG Consulting, Digital Transformation, and Professional Services.

CASwell

CASwell

Caswell is an industry-leading OEM/ODM specializing in networking, security, SD-WAN, NFV, telecommunication and IoT applications.