The 2024 Olympics unseen cyber competition

July 29, 2024
Organizational committees and sports organizations are playing their own games against global threat actors

All eyes on the Paris 2024 Olympic Games provide a perfect opportunity for threat actors to target millions of individuals and organizations before, during, and after the games – for maximum impact. In recent years, Olympic systems, athletes, and attendees have been subject to cyberattacks with the 2021 Summer Games in Tokyo facing 450 million attempts. Furthermore, the Olympic organizing committee expects cyber threats to increase tenfold this year, due to rising geopolitical tensions, evolving hacking tactics, and the rise of adversarial AI.

It is no surprise that global events are particularly vulnerable amid the surge in geopolitical tensions. Whenever nation-states have a reason to stir the pot, it is essential to take extra precautions. This year's Olympics is one to look out for amid Russia’s ban from participation, making the need for increased security essential—whether on the ground or watching from home.

With this in mind, it is imperative that organizations be especially vigilant and ensure they can detect network anomalies in real-time to prevent the successful exfiltration of sensitive data. Unfortunately, data shows that 1 in 3 organizations could not detect a breach in the last 12 months, with just 25 percent able to respond in real-time, revealing a cybersecurity preparedness gap. So, how can organizations close this gap and prepare for the rise in threat activity during the Olympic games? Here’s what to look out for.

The Risk of Cloud-Based Streaming Services Amid the Year of AI

Cloud-based streaming services such as YouTube TV, Hulu, Sling, DirecTV, and more ushered in a new era of live TV, enabling viewers to watch on demand on any device in any location. When viewed on a work device or network, they bring additional traffic to the organization’s networks. However, with any cloud-based service comes risk. All cloud traffic is automatically encrypted, and although the intent is to keep data safe, research has found that 93% of malware hides behind encrypted traffic. Once a threat actor breaches perimeter security, they can move inside the network for weeks, months, and even years, making visibility into all network traffic essential. This includes North-South traffic, which flows from outside to inside an organization, and, arguably more importantly, lateral or East-West traffic, which traverses the infrastructure internally and enables threat actors to hide and locate sensitive data wherever it may live in the network.

From a business perspective, organizations must be particularly concerned about employees watching the games from their connected devices, with threat actors proving their ability to bypass traditional security measures and gain access to highly confidential information. Every publicized breach has occurred behind multi-billion-dollar firewalls. Employees are only human and cyberattacks are inevitable. One technique employees should be particularly wary of during the games is phishing. While a link may appear to lead to your favorite live-streaming service to watch Olympic highlights, it may be compromised and give threat actors a way in. For example, when an employee receives a link to watch Simone Biles take the world’s biggest stage from their laptop or their phone while on the company’s WiFi and then logs into the company’s VPN, the security risk is imminent.

Traditional phishing campaigns have always been something to be wary of. Still, amid the year of AI, where 41% of respondents to a recent survey reported a surge in AI-fueled attacks in the past year alone, these attacks are only becoming more sophisticated and harder for even the most attuned cyber professional to spot. So, how can organizations reduce risk as traditional cyberattack tactics intensify with AI/deepfake technologies?

How to Prepare for the Event and the Foreseeable Lingering Attack Landscape

In the era of AI, too many are hyper-focused on the technology’s potential for good but lack the fundamentals to protect their organization’s security posture from AI-fueled attacks. It is time we return to basics. Education is an essential part of keeping any organization safe. While it should be done on an ongoing basis, the Olympics is a great time to revisit it, remind employees, and even test whether they know how to spot a cyberattack. Specifically, tactics to be aware of include social engineering, phishing, ransomware/malware, and Distributed Denial-of-Service (DDoS).

Secondly, organizations’ tool stacks are falling short, enabling threat actors to exploit blind spots to breach and extort their victims without fear of detection. Unknown blind spots keep CISOs up at night, yet at the same time over 70% of IT and Security leaders admit they let encrypted data flow freely. It is important to apply real-time, network-derived intelligence and insights into all data in motion, including lateral, East-West and encrypted traffic. Organizations must ensure that existing tools are working efficiently and are well integrated to eliminate security blind spots. This requires deep observability powered by high-fidelity data and network telemetry, which goes beyond MELT (metrics, events, logs, and traces) data.

Lastly, a mindset shift is required. It doesn’t have to be game over once a threat actor has penetrated the first layer of defense. You can stop them before they successfully exfiltrate sensitive data. Not only do organizations need to spot suspicious traffic, but they must also be equipped to respond quickly to avoid the cost of remediation, not to mention the reputational damage and lack of trust that comes with a cyberattack. A cyberattack impacts everyone: employees, customers, organizational security, the bottom line, public opinion, and more.

While security should always be at the top of one's mind, high-profile events such as the Olympics are important reminders to stay vigilant. Encryption in the cloud is a double-edged sword. The only way to truly state that your organization is risk-free before, during, and after this Summer’s Olympic games is to have 100% visibility into all data in motion.

 

About the Author

Chaim Mazal | Chief Security Officer at Gigamon

Chaim Mazal is the Chief Security Officer responsible for global security, information technology, network operations, governance, risk, compliance, internal business systems, and the security of Gigamon product offerings. Before joining Gigamon, he held similar roles at several industry leaders, most recently at Kandi, where he was the SVP of Technology and CISO. Chaim is a lifetime member of the Open Web Application Security Project (OWASP) Foundation and currently sits on several advisory boards, including Cloudflare, GitLab, and Lacework. Chaim holds a bachelor’s degree from the Rabbinical College of America.