Major social events such as the World Cup, Super Bowl, and Olympics have typically drawn the interest of cyber criminals and hacktivists.
Open source reporting indicated that China was subjected to approximately 12 million online attacks per day during the 2008 Summer Olympics in Beijing.
Two months after the closing ceremony for the 2008 Games, cyber criminals began launching campaigns using 2012 London Summer Olympic themes. Reporting last year indicates some groups are also preparing attacks linked to the 2014 Winter Games in Sochi, Russia.
Scams, malware campaigns and attacks will continue to grow in scale and complexity as the 27 July opening ceremony in London draws near. Event organizers, sponsors and British authorities continue to increase their physical and cybersecurity awareness as the event approaches.
Information systems supporting the Games, transport infrastructure, law enforcement communications, financial operations and similar will become prime targets for criminals.
A collective of approximately eighty-seven UK banks exercised their ability to withstand cyber attacks last November. Olympic organizers anticipated cyber threats and began testing their cybersecurity posture during ‘technical rehearsals’ by running scenarios from their Technology Operations Center (TOC) situated on Canary Wharf.
The TOC will be manned with over one hundred personnel continuously monitoring critical applications, such as the Commentator Information System, organizers’ intranet, and a telecom infrastructure encompassing 900 servers, 1,000 network and security devices, and 9,500 computers.
In addition, British law enforcement organizations have been collaborating with the U.S. Secret Service and other industry experts to understand attack vectors, detection methods and mitigation strategies to combat the threat.
However, the cyber implications are more expansive than localized attacks against systems and encompass globally distributed Olympic-themed malware, spam campaigns and scams.
There are eleven global sponsors of the 2012 Olympic Games: Coca-Cola, Acer, Atos, Dow, General Electric, McDonalds, Omega, Panasonic, Proctor & Gamble, Samsung, and VISA. These sponsors include a variety of companies, some of which are Critical Infrastructure Key Resources (CIKR) or Information Sharing Analysis Center (ISAC) members.
The actions or creditability of the sponsors may become targets for cyber criminals or hacktivists. The purpose of this bulletin is to provide a strategic outlook for the 2012 Summer Olympic Games and similar events to assist partners in detecting and mitigating related attacks.
Download the full NCCIC 2012 Summer Olympic Games Cybersecurity Outlook here: