How to Prepare for Cyber Threats Targeting the Olympics
With over 7.8 million tickets for sale, the 2020 Summer Olympics in Tokyo, Japan will bring even larger crowds than the 2016 Summer Olympics in Rio De Janeiro, Brazil.
The expected crowds, the use of emerging technologies and the attention generated around the 2020 Summer Olympics will present security challenges for Olympic organizers, partners, sponsors, suppliers, service providers and attendees. Over the last decade, there have been numerous cybersecurity-related events aimed at those involved with the Olympics. Some of these events were recently highlighted in the Cyber Threat Alliance’s (CTA) 2020 Summer Olympic Threat Assessment.
Radware researchers assess with moderate confidence that the 2020 Summer Olympics will see similar attacks to the ones that targeted the 2016 Olympic games.
Background
The 2020 Summer Olympics will be one of the most technologically advanced sporting events in history. Spectators won’t just be presented with a series of smart stadiums; they will be presented with one of the most connected cities in the world and a glimpse into how technology will influence future sporting events. Spectators will be able to interact with human support robots or ride in an autonomous taxicab. There will also be a variety of multimedia technologies and digital devices deployed for streaming content, providing viewers around the world with immersive and interactive experiences.
[You may also like: Expected Technology at the 2020 Olympics in Tokyo]
Providing spectators with additional connectivity and technological innovations is always a double-edged sword. While connectivity provides a better user experience, additional technology and innovation can create a larger attack surface for cybercriminals.
Because of the larger digital landscape in Tokyo and hype surrounding the 2020 Olympics, we expect to see organizers, partners, sponsors, suppliers, service providers and attendees targeted by both nation-state actors and cybercriminals.
Attack Vectors
Phishing: It’s expected that phishing emails targeting Olympic organizers, partners, sponsors, suppliers, service providers and attendees will leverage Olympic-related messages, offers for tickets or leverage COVID-19-related content.
Malicious Domains: Malicious domains are registered domains designed for malicious intent. They look to hijack names of cities, venues or events to trick users via typo squatting into entering their credentials by spoofing the content of the original website. Due to the hype generated by the 2020 Olympic games, it’s expected that cybercriminals will be looking to profit off those searching for Olympic tickets in the resell market.
Denial-of-Service: Considering the high volumes of traffic service providers will cope with during the games, it would not take a sophisticated attack to disrupt an ISP. A massive DDoS attack via a reflective method combined with a spike in network traffic, could be enough to cause service degradation or an outage. Denial-of-service attacks can be generated via an IoT botnet such as Mirai, open resolvers such as DNS and NTP servers, or from a single server. Criminals often leverage multivector attacks by combining network floods with various low and slow attacks and encrypted, DDoS attacks to cause an outage.
To make things worse, technologies like 5G and 8K streaming will result in higher volumes of traffic. A network spike at the Olympics might appear as a DDoS attack. Many DDoS mitigation solutions are rate-based and will drop traffic above a certain threshold. Behavioral algorithms will make distinction between attack and legitimate user traffic more accurate and detect unknown attacks with minimal false positives.
Application Attacks: Cybercriminals will launch application attacks like SQL injections, password cracking, cookie poisoning, cross-site scripting and session high jacking to steal Olympic and spectator data. to steal Olympic and spectator data. Information on the attendees, sponsors or athletes can be monetized or used publicly. Criminals will also use fake applications and websites to target patrons.
Compromised Access Points – Risk of MITM: Cybercriminals may have already assessed access points across Olympic venues. They will set up fake access points to intercept and manipulate their victims browsing and to steal passwords, credit cards, PII and other sensitive information. A common man-in-the-middle (MITM) tactic using malicious access points is to name a fake access point as the same name of the legitimate access point. Once a user is connected, malware can be injected onto their device.
How to Prepare
Technology can provide a more immersive and rewarding experience for fans. It can also create problems and security risks for those managing the networks. Those that sponsor, support or supply the Olympics should understand the risks. Here are suggestions for both attendees and those hosting the 2020 Summer Olympics in Tokyo.
[You may also like: Don’t Get Scammed During the Hypest Moment in History]
Attendees/Users:
- Ensure your phone is updated with the latest operating system
- Disable Bluetooth on your cell phone when not in use
- Disable Wi-Fi when not in use
- Only use the official event Wi-Fi
- Rent a pocket Wi-Fi device with a local plan
- Always use a VPN
- Have RFID shields to protect credit and identity cards
- Be careful when using ATMs – Understand how to spot and avoid card skimmers
- Exercise caution when presented with popups while browsing
- Avoid Olympic-related scams delivered via email
Event operators:
Radware recommends that operators review their network between events and inspect networks when necessary to defend against threats that are specific to the Olympics.
- Ensure hardware is updated, default passwords are reset and unnecessary services are disabled
- Conduct audits of the network between games
- Scan for rogue access points
- Access Control List (ACL) – Filtering network traffic
- Use load balancing for traffic distribution
- Have network and application protection to detect, mitigate and report attacks
To read the full alert, click here.
