The Olympic cyber games
As we transition to an increasingly digital world, every aspect of our lives is becoming augmented with digital technology. In most cases, that’s a good thing, as we get plenty of “quality of life” improvements that were simply impossible two or three decades ago.
However, as our real-world events become more interconnected with the digital space, they also become vulnerable to cyber security threats that weren’t as viable, nor as dangerous, before. The upcoming Beijing Olympic Games are a good example, as a recent FBI report warned businesses and individuals to stay alert.
The odds of malicious actors trying to interfere with the upcoming Olympics through a wide variety of cyber activities is more than likely — especially when it comes to data security breaches and the theft of sensitive personal data.
Why are the Olympic Games a target for hackers?
It’s important to note that hackers and malicious Internet groups adore high-profile events with plenty of publicity, businesses, and investments — and the Olympics are an excellent example. Trying to interfere with these events doesn’t just allow them to make money in an illegal way — they can increase their notoriety among other groups and the general populace by sowing confusion, discrediting their adversaries, and, depending on the group, even advancing some ideological goals.
So, what are some of the potential disruptions? These include disinformation campaigns, phishing campaigns, data leaks or theft, malware, and ransomware. There may also be insider threats designed to interfere with the existing digital infrastructure set up to support the Olympic games.
If you’re wondering what kind of companies and people are at risk, cyber actors would likely target the games supply-chain - event security, ticketing services, mass transit providers, and local hotel networks at the Olympics.
The FBI and other intelligence agencies don’t currently have information on any specific cyber threats that are endangering the cyber security of the Olympics — still, they’re encouraging all partners to stay vigilant and constantly maintain the best cyber security practices while setting up their digital environments and networks.
For instance, travelers and Olympic participants would be wise to use temporary phones and laptops while they attend these Beijing events, as this would lower the risk of any app and wifi-associated threats becoming a long-term problem after the games. Also, the FBI is urging any related service providers and connected businesses to give their people training on cyber threats and how they emerge.
It’s worth pointing out that this is nothing new, as the Olympics have always represented a great target for cyberattacks. However, the previous Tokyo Olympics managed to stay reasonably calm in that regard. Though, not for lack of trying — the NTT corporation, which was the provider of network security and telecoms services for the event, noted that there were hundreds of millions of attempted cyber incidents.
The operative word here is “attempted”, as the existing cyber security measures at the Tokyo Olympics ensured that none of these were successful. Still, the popular methods of attack included fake streaming services and fake websites designed to look like official Olympic providers, as well as the usual malware and email spoofing.
Just like with the Tokyo games, foreigners won’t have permission to attend the upcoming Beijing Winter Olympics in person — or the Paralympic games that are set to go live in March, for that matter. While this is great from a public health point of view as the COVID-19 pandemic has still not fully subsided, it also means a much larger emphasis on live streaming for the rest of the world.
An NTT report has shown that the threat landscape has changed quite a lot in the past two years — including the actors, their malicious tactics, procedures, and techniques. And that means an influx of new challenges in the cybersecurity space and a new reason for increased vigilance.
NTT will be providing cyber security services for the Olympics once again this year, as they’ve proven themselves in this particular arena. And while they will have to rebuild particular parts of their infrastructure to keep up with the evolving threat landscape, they’re well poised to provide the same level of security and stability they managed to achieve during the Tokyo games.
Beyond keeping large DDoS attacks at bay, they will also have to pay additional attention to smaller-scale DDoS attacks that could prove to be disruptive cumulatively — especially towards live streaming services for the games.
In the long run, it’s also important to point out that, even beyond the pandemic, digital games and live streaming of sports are here to stay. And that’s something both data security professionals and sports fans should be aware of.