Why the Winter Olympics is an opportunity for cybercriminals
Only domestic spectators will be able to attend the Winter Olympics when it begins this week, meaning there is likely to be significant global interest in the streamed productions – and therefore opportunity for cybercriminals.
These cybercriminals look to take advantage by harvesting credentials from illegitimate websites, attempting to compromise devices via email campaigns, or to gain financial resources via disruption, fraud, or other criminal activities.
Here are the main cybersecurity threats facing the Beijing 2022 Winter Olympics.
Ransomware
The first and most obvious threat is ransomware, which hit the headlines last year when a hack on the Colonial Pipeline in the United States highlighted the real-life impact it can cause.
A successful ransomware attack would cause massive disruption to the Winter Olympics, where a victim could come under pressure to pay the ransom demands to quickly get an event to go ahead, allow the television media to broadcast, or to get critical services back online quickly.
Any organisation involved with the delivery of the event should be prepared for highly likely ransomware attacks. They must get the necessary security measures in place, as well as ensuring there are adequate data back-ups. It is important to adopt a layered security approach that focuses on both technology and people.
Hacktivism
Hacktivism, and attacks that seek media attention for a cause, are always a possibility with big events such as the Winter Olympics.
Due to the large audience the Games should attract, both domestically and via the streamed broadcasts, they provide a perfect environment for these threat actors to communicate their narrative. As with all such events, domestic and international cybercriminals will attempt to draw attention to any issues that could cause embarrassment to the host nation.
Insider threats
Events like the Winter Olympics require a massive workforce to deliver them, with hundreds of different organisations involved and thousands of employees, volunteers and contractors with access to systems and software.
Cybercriminals understand this and will be keen to use this to their advantage. They can use social engineering – a type of psychological manipulation – to understand which employees are most vulnerable to exploitation and employ coercive or financial motivations to get them to provide credentials, access, or vulnerabilities that can be exploited.
Organisations must educate staff and provide cybersecurity awareness training to ensure they are prepared for these threats. Social engineering training gives people the tools they need to recognise threats.
Fake streaming websites
It isn’t just the organisations involved with delivering the Winter Olympics that are vulnerable to cybercriminals; spectators are too.
Changes in broadcast rights since the Rio 2016 Games have limited the number and breadth of events shown by national TV providers, meaning some can only be seen behind a paywall. Consequently, cybercriminals are targeting social media users by offering free access to specific sports via streaming websites that require them to enter their personal details.
Spectators should understand that some of these websites are malicious. It is always best to watch via the official broadcast partners of the Games, even if that means paying for their service, rather than giving over bank details which may be used or sold on the dark web.
Dr Francis Gaffney is Director of Labs and Future Ops at Mimecast.