Any large lawsuit is apt to pull atrocious actors. Keeping the games harmless from onslaught is simply a immense undertaking for lawsuit planners.
TechRepublic's Karen Roby spoke with Ray Canzanese, manager of menace probe astatine Netskope, astir cybersecurity and the Tokyo 2020 Olympics, being held July 23-Aug. 8, 2021. The pursuing is an edited transcript of their conversation.
Karen Roby: I deliberation much and much radical are becoming alert present of the problems with cybersecurity and ransomware arsenic immoderate of these high-profile companies person been targeted. So, the Olympics nary uncertainty volition beryllium a target. What are immoderate of the concerns that you person that radical request to beryllium alert of?
SEE: Security incidental effect policy (TechRepublic Premium)
Ray Canzanese: Ransomware is simply a bully point. The happening that's happening with ransomware is truly that attackers person recovered a mode to marque each imaginable unfortunate a viable and utile victim. So, it utilized to beryllium that you were uncovering a people that you could someway bargain accusation from that you could aboriginal sell. Ransomware benignant of made it truthful that everybody becomes a target, due to the fact that you tin deed anybody with ransomware, and anybody has data, right? Whether it's invaluable to anybody other oregon not is irrelevant. It's invaluable to them, truthful you clasp it hostage.
So, that's truly wherefore we spot I deliberation truthful galore radical present successful the wide populace truly successful tune with what's happening, is due to the fact that it utilized to beryllium that lone high-value targets were truly targeted by cyber criminals, and present it's beauteous overmuch anybody who has information. Any company; immoderate individual. You're disquieted astir your photos that got locked up oregon your company's information that got locked up.
So, successful different words, the Olympics travel astir and what's going to hap from a ransomware constituent of presumption is truly conscionable that the Olympics are a large taste lawsuit that attackers volition leverage to effort to instrumentality you into doing something, giving them access, installing software, immoderate mode that ends up infecting you with ransomware. We spot this with immoderate large taste event.
At the opening of the pandemic we saw truthful overmuch fake COVID-19 trackers, COVID-19 alerts, delight instal this app, it's going to fto you cognize if you've been exposed, and it was each malicious. We're going to spot that aforesaid nonstop worldly hap with the Olympics.
SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)
From the regular person's constituent of view, that's going to beryllium what you request to beryllium cautious of. Is this app that you conscionable got sent to watercourse immoderate Olympics crippled legitimate? Is this quality nonfiction with immoderate salacious header astir the Olympics, is it existent nonfiction oregon is it misinformation clickbait trying to get you to instal thing malicious? So, that's astir apt what the mean Joe oregon Jane is going to spot during these Olympics is those sorts of baits being utilized to people beauteous overmuch everybody.
Karen Roby: Ray, speech a small spot astir immoderate of the steps that you deliberation the Japanese authorities and Olympic officials request to beryllium taking to beryllium successful the champion presumption from an violative standpoint.
Ray Canzanese: Yeah, absolutely. So from the organizers themselves, the Japanese authorities trying to hole for the Olympics, they person past to look backmost connected to benignant of foretell what's going to happen. The past large Olympics-related cyberattack was Olympics Destroyer, right? It was malware specifically written to effort to disrupt the games. It was state-sponsored coming from Russia, and it was benignant of deliberately spreading wrong the web and deleting things, trying to disrupt everything it perchance could. Since then, there's been lone possibly much grounds that that's going to continue.
With each of these doping concerns and the athletes being banned from the games, we saw passim that investigative process the Russian state-sponsored groups going aft these anti-doping agencies. Trying to someway messiness up the concatenation of custody, delete data, effort to disrupt the procedures capable to someway let the athletes to enactment successful the adjacent games. So present we are with the athletes not participating successful these games, a past of these cyberattacks, some against the Olympic games themselves and against these anti-doping agencies. I mean, it's lone benignant of assumed that Olympic Destroyer mentation 2.0 is going to beryllium utilized during these upcoming games.
So, the Japanese government, the Olympics organizers, they are each preparing, making that assumption. So that means precise overmuch hardening networks, making definite determination is redundancy, putting backups successful place, gathering effect teams that volition beryllium determination connected the crushed monitoring what's happening successful real-time, going done exercises to beryllium definite everybody is prepared. What happens if idiosyncratic does get into the network. There's truthful overmuch mentation from a information cognition standpoint that's happening close present to guarantee that if thing similar Olympics Destroyer happens again, that it happens successful the aforesaid mode it happened before. If it gets in, they negociate to rapidly and efficaciously halt it.
Karen Roby: So if you had to benignant of summarize, Ray, the eventual nonsubjective present for the hackers, what would that be?
Ray Canzanese: From the standpoint of attackers and what their objectives are going to beryllium for what we judge is astir apt going to beryllium Russian state-sponsored groups, it's going to beryllium disrupting the games themselves. They privation to really disrupt those games. That's what Olympics Destroyer was doing, that's what they were trying to bash against the anti-doping agencies, that's what we foretell they're going to effort again to these games.
For each the different stuff, it's typically financially motivated, right? It's however bash you marque wealth disconnected of the Olympics craze? Well, you bash it done ransomware, banking trojans, scams. You'll spot a just fig of astir apt fake streaming sites that inquire for recognition paper accusation to entree a escaped livestream of the Olympics that effect successful theft of funds from people's slope accounts. So, each of that financially motivated worldly is going to beryllium pervasive passim these Olympics.
Karen Roby: I find it truly absorbing erstwhile you deliberation astir it, that erstwhile it comes to the Olympics, not lone are determination truthful galore concerns astir radical that are determination connected the crushed physically portion of the Olympics oregon radical getting successful that shouldn't beryllium there, but present dissimilar galore years ago, the Olympic Committee and officials, everyone, has to interest astir information wrong the facilities and besides retired successful cyberspace. I mean, it impacts everyone.
Ray Canzanese: Right, right. You utilized to conscionable interest astir the radical that were physically present, and present you interest astir beauteous overmuch everybody crossed the globe. What are they going to beryllium targeted with? What's going to beryllium disrupted? I'm definite Comcast NBC, who are televising the Games, are conscionable arsenic disquieted astir cyberattacks, due to the fact that there's truthful overmuch vested involvement successful them being capable to get the games unrecorded retired connected DV successful real-time.
So, they're astir apt arsenic arsenic benignant of vested successful preparing and making definite that they are wholly prepared successful lawsuit they go a people of a cyberattack, right? Maybe you can't disrupt the games, truthful what's the adjacent champion thing? Disrupt the TV livecasts of the games.
Every benignant of enactment progressive successful the Olympics is simply a imaginable target, and attackers are opportunists. If the halfway Olympics infrastructure is truthful locked down, they'll conscionable spell look determination else, they'll find immoderate different mode to disrupt something.
Cybersecurity Insider Newsletter
Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and ThursdaysSign up today
- The information and privateness down IBM's Digital Health Pass
- Colonial Pipeline onslaught reminds america of our captious infrastructure's vulnerabilities
- How to go a cybersecurity pro: A cheat sheet (TechRepublic)
- Security threats connected the horizon: What IT pro's request to cognize (free PDF) (TechRepublic)
- Checklist: Securing integer information (TechRepublic Premium)
- Online information 101: Tips for protecting your privateness from hackers and spies (ZDNet)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic connected Flipboard)