The Olympics and Paralympics are high stakes. The biggest sporting event in the world – major broadcasters reported more viewers in the first two days than the entirety of the previous event in Tokyo – and over 9.2 million tickets were sold.
The pressure was on for the athletes, who displayed incredible sporting prowess. It was also high stakes for the organizations protecting the event from cyber-attacks, all the way from individual event security teams up to the French Organizing Committee.
The event industry is a prime target for disruption. Threat actors knew the world was watching and that an attack could have huge impacts for the host country’s reputation and operation. This only served to increase the leverage of attackers, who could have had any one of a range of motivations:
· Geopolitical cyber-terrorism: what better way to shock the world or sap France’s morale than to disrupt the country’s spotlight moment?
· Financial gain: The large sums of money at stake made event organizers and associated parties a prime target for financially motivated cyber-crime like ransomware attacks or ticketing scams.
· Hacktivism: As witnessed by the high-profile attacks and stolen data during previous major sporting events, the Olympics provide a global stage for activist groups hoping to make a point.
Often described as a 'honeypot' for cybercriminals, attackers were acutely aware of the global stage that came with these tournaments. If an attack was successful and caused significant disruption, then there would be huge financial and reputational repercussions for host countries and the organizers hit by the breach.
VP for Cyber Intelligence at Darktrace.
The complex challenge of cybersecurity
Cybersecurity is, by nature, a one-sided game: defenders need to protect everything, and attackers need to find just one weak point. The widespread adoption of AI is allowing adversaries to execute attacks faster and at a more sophisticated level, whilst the increased integration of tech and tech suppliers across sports means a larger potential network for bad actors to leverage. This is true across sectors, with 74% of security leaders sharing that AI-powered cyber threats are already having a significant impact on their organization.
Safeguarding events such as the Olympic and Paralympic Games presents a multifaceted challenge. The concerns extend beyond threats directed at individual teams and encompass both physical and digital security measures in place. Additionally, there are vulnerabilities within the surrounding supply chain that must be addressed. Potential attackers may focus on critical infrastructure associated with the venues, including power and water systems, transportation networks, broadcasting services, mobile ticketing platforms, and even the financial resources supporting the event.
Targeted phishing campaigns and email scams tend to increase around these events too, whether people were attending in person or watching virtually. The ramifications of cyber disruption during a large-scale event cannot be overstated. A momentary lapse in access to power could bring TV broadcasts to a halt. CCTV outages could lead to dangerous overcrowding. The barrier between the cyber and physical worlds have long dissolved – cyber-attacks threaten human safety.
The financial incentive for adversaries also cannot be understated. The broadcast rights alone for the event were expected to be in the region of $3.3 billion. Criminals were aware of the colossal funds being spent to ensure the smooth running of the games and strived to take a cut by threatening the seamless running of the event.
Timing was also key. Every second counted, on and off the track. Events had to go ahead at whatever cost – you couldn't suddenly postpone the 100-meter final or cancel the opening ceremony. This was a dream for ransomware attackers, because if you didn't have enough time to restore your system, then your only option was to pay up.
The winning combination? Human and AI collaboration
The best way to protect sporting events like last week's is for security teams to pivot from a reactive to a proactive standpoint, with AI being a key defender on the pitch.
Cyber threats are sadly an inevitability. AI allows us to keep pace with the machine-speed of adversaries. Using AI proactively will ensure we're one step ahead of bad actors. AI pre-emptively identifies internal and external vulnerabilities, identifies gaps in security policy and process before an attack occurs, breaks down silos to investigate all threats (known and unknown) during an attack, and uplifts the human analyst beyond menial tasks to incident validation and recovery after an attack. Instead of asking already overworked security teams to keep track of thousands of potential issues, AI can simplify them down into just a few key actions that teams need to take to prevent catastrophe.
This method of defense means building a complete view of everything happening in the digital ecosystem of an event – something that would take months to do manually. It's critical to find and close weak points before they are exploited as well as ensuring security teams are well drilled: practicing attacks in realistic environments until the security teams are as well prepared as the athletes on the track.
Society expects organizations and events like last week's to be prepared for attacks and to keep everyone involved safe. This means protecting not just those attending the physical event, but analysing risks in your supply chain. We've already seen the risks of supplier-led cyber disruption with attacks on London hospitals over the summer. No matter how tight your own cybersecurity might be, it only takes one critical supplier to be breached to derail the whole sporting event. Vetting and shoring up suppliers, from payment providers to closed circuit cameras, has now become an essential part of due diligence that cannot be overlooked.
AI tools are essential in mapping environments and closing off risks. Security teams, working in partnership with AI, can cover enough ground to make sure they are proactively heading off threats wherever they surface.
Teamwork is as essential in the security team as it is on the pitch. In this instance, proactivity and readiness is indeed the best defense.
We've featured the best endpoint protection software.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro