Olympics face digital bombardment

The UK government has identified cyber attacks and espionage as one of four “tier one” risks in its National Security Strategy. In the run-up to the 2012 Olympics, security services will be given $650mn above their usual $2.4bn budget to guard against online attacks.

It is thought the Olympics will be the country’s biggest security challenge since World War Two. The Games could be targeted through both traditional and cutting-edge technologies.

“People sitting somewhere in their remote location can have a global impact in a way which was perhaps not possible ten or 15 years ago,” says Chris McGloin, vice president of risk management & insurance at Invensys Plc. “So you have to look at the implications and deal with that.”

Britain’s security minister Pauline Neville-Jones thinks that cyber threats, particularly ticketing fraud, pose a major risk. “We are combining our experience and techniques... with more advanced ways to assess risk management than we were possibly capable of doing more than ten years ago,” she said.

In February and March, eight million Olympic Games tickets worth £500mn are due to go on sale. Sites for ticketing, results, timing and television broadcasting are more susceptible to cyber-attack than established websites because of their temporary status, it has been claimed.

Other organisational aspects of the event could be compromised – such as hotel reservations, transportation and other crucial bookings in an attempt to undermine the smooth running of the Games.

Potential motives for such attacks can range from political to environmental. Other hackers could be driven by financial reasons, attempting to steal identity, credit cards and other personal data.

12 million hits a day

Big sporting events are often the target of organised crime, says Malcolm Randles, an underwriter at Kiln. “One of the biggest issues facing South Africa during the World Cup was they were going to have a huge increase in foreign credit cards being processed on what people felt was a somewhat untested IT system. It was a sitting duck for fraudsters.”

“The Chinese government recently suggested they took 12 million hits a day during the Beijing Games – and those are governmental websites so it’s really scary stuff,” he continues. “London faces as big a threat as Beijing did.”

While every effort is being made to protect the integrity of the systems set up for the Games, more sophisticated criminals may not be put off by the multiple levels of security.

A holistic approach is required to deal with big cyber risk events, explains McGloin. “If you’ve got a system which is a safety critical system you won’t just have one measure – you’ll have different measures for dealing with the security around that.”

“One has to look at not just the affect of a failure of the software but how you then engineer systems and processes to avoid the problem that would otherwise arise,” he continues. “So you can have people security and physical security before you then start getting into the software security – and the software security then needs to be done in a way that minimises a major event.”

“It’s rare that a major event is through one action,” he concludes. “It’s normally through a combination of things – so you have to look at this multi level of security in order to make it effective.”

Comments

No comments