The Olympic Games have almost always been used to introduce radically innovative and game-changing technologies intended to make the sporting events more efficient, entertaining and spectacular, while also influencing global changes and technology standardisation. And given the role that information technology plays in the success of the events, cybercriminals are likely to see these events as a massive opportunity - the 2018 Winter Olympic Games are no exception.
Research shows that there is much at stake, from critical infrastructure to healthcare or environmental issues. All of these should be properlymanaged in the pursuit of a bright future. Figures support this concern. At the 2008 Beijing Games, around 190 million cyber-attacks were reported (12 million per day). At the 2012 London Games, cybercriminals made over 200 million failed attacks on the event’s official website. At the 2014 Sochi Olympics, 322 million attacks were reported, followed by 570 million at the 2016 Rio Olympics. At the 2020 Olympics, Japan is also planning drastic measures to safeguard its IT infrastructure from cyberattacks – given that they are considering a 57% projected increase in cyberattacks based on the average increase from the last three Olympics.
“Because of the importance of information technology to the success of the event, one area of pivotal concern is cyber security. In fact, the Olympics are comparable to a business of 200 000 employees, addressing 4 billion customers, operating 24/7, in a new territory, every 2 years – certainly a lucrative opportunity for any cybercriminal,” says Mohamad Amin Hasbini, senior security researcher at Kaspersky Lab.“Cybercriminals are likely to try to use forged webpages that pose as legitimate Games web-resources to try to sell fake tickets or collect private data from those willing to attend the sports events. What’s more, we always see a spike in spam during these events where spam recipients are being lured into embezzlement schemes, for example, offering to help book hotels and/or make other travel arrangements.”
Extra caution is also required while using public Wi-Fi networks. Attendees should avoid using any unprotected network, as Internet traffic can be relatively easy for criminals, who are connected to the same hotspot, to intercept it.
What’s more, given that technology is applied to every facet of the event from smart transportation systems to waste recycling, guest services and even ‘village robots’, the use of technologies such as IoT and AI as part of the broader Smart City, must be kept secure as malicious hackers are likely to use this opportunity to carry out attacks using social engineering techniques to manipulate and increase the risk of personnel divulging sensitive information. Attacks on physical operational technologies as well as data analytics systems and infrastructure is a real possibility. Couple this with the spreading of rumors on social media can also significantly impact the Olympics as fake profiles that post fake messages can start crowd panics or similar troubles.
Additionally, basic security such as strong cryptography and authentication is critical, along with automatic and secure software and firmware that allow for auditing, alerting and logging capabilities. What’s more, the importance of penetration testing and vulnerability assessments for all systems, devices and people used in the Games cannot be underestimated.