Erin O'MalleySporting events are easy targets that offer a goldmine of opportunity for hackers who can compromise various layers of information. The bigger the event, the bigger the potential payout. And in terms of size and number of sports and spectators, it doesn’t get much bigger than the Olympics. So many games, so many athletes, so many virtual pockets to pick.
During the Beijing Olympics, there were 12 million hacking attempts per day. Four years later in London, close to 160 million security-related events were reported. What’s the bet on Rio?
Per the 2016 Symantec Security Threat Report, Brazil ranks number 8 on the list of countries that originate the most malicious bot activity. So my bet is that, for hackers, the Olympic Games in Rio have already begun. In fact, with little doubt, cyber crooks have long been busy creating bogus ticketing websites (even using low-cost SSL certs to make them look legit) or setting up other phishing scams designed to steal passwords, credit card details, and other sensitive data.
Once the Olympic torch is lit, how many more hidden hackers—who’ve infiltrated legitimate event-related networks—are on their marks, ready and set to launch different attacks? While there may be those looking to cripple critical infrastructure, such as power and water systems, to bring the games to a halt, odds are there are just as many banking on no such hiccups.
Gambling Is Big Business
Historically, Olympics-related cyber risks have included the social engineering and phishing scams. But something that hasn’t been reported on as often is gambling. What motivates a “sports” hacker is probably the same as what motivates any other hacker: money, notoriety, disruption, the sport of the hack itself, you name it.
People love sports. And people love to bet on sports. While not a gambler myself, I imagine it’s a way to feel more part of the action, intensify a spectator’s adrenaline rush, become more intimately involved with a sport, a team, an athlete. And just as sports players need to understand game strategy or want to know as much as possible about their opponents’ strengths and weaknesses, gamblers are hungry for similar data points. They crave insider information. Is an athlete injured? Will someone be sitting on the bench in a game?
To find an Achilles heel or gain any tiny advantage based on stolen information could be the difference between big gain or big loss. And hackers who can breach networks to gain access to personal information on athletes, medical records, or coach communications can use that data to increase the odds of winning a bet themselves or, more likely, sell it far and wide to online gamblers looking for a competitive edge.
See What You’ve Been Missing
Hopefully Rio has been upping its cybersecurity game not only with more awareness and training, but also in understanding that no single security solution provides full network protection and that any security tool is only as effective as the traffic it sees. By the same token, I hope it’s understood that, in all likelihood, hackers have already breached networks and are simply waiting for the right moment to launch attacks.
The time to find the bad guys is now. And the way to do that? With pervasive, intelligent network visibility. If security tools can see all relevant traffic (without becoming overwhelmed), they can better detect anomalous or malicious behavior and prevent data from being lost, stolen, or held hostage.
