Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

7/5/2021
10:00 AM
Jessica Amado
Jessica Amado
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv
50%
50%

Watch for Cybersecurity Games at the Tokyo Olympics

The cybersecurity professionals guarding the Summer Olympics are facing at least as much competition as the athletes, and their failure could have steeper ramifications.

It was a close call, but the 2018 Pyeongchang Winter Olympics almost ended before it started. A harmful cyberattack threatened to cause severe disruptions to the opening ceremony and the subsequent sporting events. Fortunately, a sleepless night at the Olympics' technology operations center allowed for a speedy and efficient incident response process.

Related Content:

Cyber Athletes Compete to Form US Cyber Team

Special Report: Building the SOC of the Future

New From The Edge: An Interesting Approach to Cyber Insurance

Three years later, the threat landscape has changed, and the Tokyo Olympics is no safer than its predecessor. In fact, the heavy reliance on technology means these Olympics might be the most vulnerable Games yet. Not only is the upcoming Olympics' use of technology set to be the most innovative yet, but COVID-related audience restrictions mean spectators must keep up with events electronically. Now that there are events to keep up with, it's not only the athletes who are preparing to show off their skills.

The Gold Medal
The Olympics relies heavily on critical infrastructure, and, to many malicious actors, such entities are ideal targets. Attacking critical infrastructure can cause physical disruption when operational technology (OT) is affected. OT is the technology that interfaces with the physical world; hence, the spillover effects of an attack will cause significant damage to the real world. For this reason, there are several potential motives behind an attack on the Olympics and its related entities. The international attention the Games receives means it is the perfect target for hacktivists, terrorists, threat actors, or others to make a statement. Further, the Olympics can act as a strategic target for state-sponsored groups with a political agenda.

The Hard(ware) Truths
The motives of attackers and the value of the target mean actors carrying out such attacks will likely have advanced, sophisticated capabilities. This means organizations are not protected — even if they think they are.

Credit: lazyllama at Adobe Stock
Credit: lazyllama at Adobe Stock

Truth #1: What You See Is Not What You Get
Enterprises often genuinely believe they have a complete hardware asset inventory and, therefore, a comprehensive security approach. But this is rarely the case. In fact, more than 60% of IT managers have an incomplete inventory of their IT devices. Whether a device is unmanaged, hiding, or spoofing a legitimate one, there are serious, unintentional gaps in enterprises' hardware inventory. 

Thinking that all assets are accounted for may be more dangerous than knowing there are some gaps left open. In this situation, the enterprise will not have an effective incident response process in an attack, and the origin of the attack will be difficult, if not impossible, to determine. And, with the Tokyo Olympics relying heavily on technology, the number of devices in use will be extensive, making the risk proliferate significantly. (By point of comparison, the 2018 Winter Olympics relied on more than 10,000 PCs, more than 20,000 mobile devices, 6,300 Wi-Fi routers, and 300 servers.) Enterprises must make more concerted efforts to ensure they have a complete asset inventory by gaining visibility of all OSI layers.

Truth #2: You Undervalue Yourself
Attackers might be sophisticated, but this does not necessarily mean they use their skills to infiltrate a target directly. Sometimes, sophistication means working smarter, not harder; the supply chain allows for the former.

Highly protected targets can be very challenging to infiltrate and, thus, their less-secure suppliers are often a point of infiltration for bad actors. Either the supplier will have access to the target's confidential information or will provide the cybercriminal a pathway (via hardware or software) into the target organization. Supply chain attacks were up sevenfold in the last half of 2020, and this figure will continue rising without major reform. And, with critical infrastructure relying on large supply chains, the Olympics has many entry points. Small organizations who believe themselves to be of no value might just be the barrier (or entry point) between attackers and their target. In 2019, 66% of small and midsized businesses (SMBs) said they believed a cyberattack was unlikely, but 67% of SMBs fell victim to one. In today's interconnected environment, enterprises, no matter their size or nature of operations, must significantly expand their threat landscape awareness; the supply chain is counting on it.

An Extra Year of Training
The postponement of the Tokyo Games to 2021 gave the athletes — and the Olympics cybersecurity teams — an extra year of training. Moreover, increased attacks during the COVID-19 pandemic should have reinforced the importance of advanced cybersecurity efforts. In just a few weeks, the world will watch as athletes compete for gold. Those of us in the cybersecurity world will be watching for any signs of a possible attack. You have your thrills; we have ours.  

Jessica Amado is Head of cyber research at Sepio Systems, where she researches and covers multiple aspects of hardware-related cyber threats. She is a Regent's University London graduate with First Class Honors in Global Business Management with Leadership and Management and ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
TroyG325
50%
50%
TroyG325,
User Rank: Author
7/6/2021 | 1:44:42 PM
Great PSA
Couldnt agree more, expecting the same
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-42258
PUBLISHED: 2021-10-22
BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation. SQL injection can, for example, use the txtID (aka username) parameter. Successful exploitation can include ...
CVE-2020-28968
PUBLISHED: 2021-10-22
Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username input field.
CVE-2020-28969
PUBLISHED: 2021-10-22
Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file.
CVE-2020-36485
PUBLISHED: 2021-10-22
Portable Ltd Playable v9.18 was discovered to contain an arbitrary file upload vulnerability in the filename parameter of the upload module. This vulnerability allows attackers to execute arbitrary code via a crafted JPEG file.
CVE-2020-36486
PUBLISHED: 2021-10-22
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling.