Mark Jow, Technical Evangelist EMEA, Gigamon, looks at the importance of cybersecurity when it comes to sporting events on a global stage.
With the Paris 2024 Olympic Games wrapping up, and Paralympics on the starting line, it’s an ideal scenario for cybercriminals to exploit millions of unsuspecting individuals and organisations.
The pattern is clear: major sporting events attract cyber threats, and the Tokyo 2021 Summer Games’ staggering 450 million cyberattack attempts serve as a stark reminder.
With the Olympic committee bracing for a tenfold increase in cyber threats this year, the convergence of heightened geopolitical tension, sophisticated hacking techniques, and adversarial AI advancements spells a recipe for potential digital disaster.
The current geopolitical climate only exacerbates the vulnerability of large international events, and when nations have motives to disrupt, cybersecurity becomes paramount.
In light of these risks, it’s critical for organisations to remain hyper-alert and capable of identifying network irregularities instantaneously, thereby fending off any attempts at compromise.
Unfortunately, as research shows, the reality is that one in three organisations has failed to detect breaches over the past year and a mere 25% could react in real time.
This gap in cybersecurity readiness is concerning.
So, what steps can be taken to fortify defenses against the anticipated surge in cyberattacks during the Paralympics, and indeed other major sporting events such as the T20 World Cups? Here are the key strategies to consider.
Cloud-based streaming services like YouTube TV, Hulu, Sling and DirecTV have revolutionised live TV by offering on-demand viewing across devices and locations.
This convenience, however, increases network traffic and poses security risks when accessed from work devices.
Despite encryption efforts, a staggering 93% of malware is concealed within encrypted traffic.
Cybercriminals who penetrate an organisation’s defenses can remain undetected for extended periods, making comprehensive network traffic monitoring crucial.
This includes both North-South traffic (traffic entering the organisation) and East-West, or lateral, traffic (traffic moving within the network), which is particularly vulnerable to exploitation as attackers can silently seek out sensitive data.
For businesses, the concern is twofold during major sporting events.
Employees streaming events on company devices can inadvertently expose the network to cyber threats, despite robust firewalls.
Human error remains a significant factor, with phishing attacks being a prime example.
A seemingly innocuous link to watch Olympic/Paralympic highlights could be a trap, leading to unauthorized access.
Phishing has long been a concern, but with AI advancements, 41% of professionals report an increase in AI-driven cyberattacks.
These sophisticated threats are challenging to detect, even for seasoned cybersecurity experts.
As AI and deepfake technologies amplify traditional cyber threats, organisations must explore new strategies to mitigate these evolving risks.
AI’s promise is appealing, but the allure of cutting-edge technology often overshadows the foundational practices vital for safeguarding against AI-driven cyber threats.
A pivot back to the basics is imperative. Education remains the cornerstone of organisational security, where continuous and adaptive learning is crucial.
The Olympic and Paralympic season presents an opportune moment to reinforce and evaluate employees’ awareness of cyber threats.
Moreover, reinforcing cybersecurity fundamentals can be the most effective defense against sophisticated attacks.
Simple yet robust practices like regular password updates, multi-factor authentication and routine security audits can thwart even the most advanced threats.
Organisations should foster a security-centric culture, where employees are not just passive recipients of policies but active participants in the security ecosystem.
By prioritising basic security hygiene, companies can build resilient defences that adapt to the evolving landscape of cyber threats, ensuring that their guard remains strong against both traditional and AI-enhanced attacks.
The strategy for organisations looking to fortify their cyber defenses lies in addressing the critical issue of security blind spots.
The reality is that gaps in organisations’ tool stacks are granting threat actors opportunities to infiltrate and leverage these vulnerabilities for malicious purposes, undetected.
Yet, an alarming 70% of IT and Security leaders admit to allowing encrypted traffic to pass through their networks freely.
It is imperative that security teams begin to harness real-time intelligence derived from network activity, scrutinising all data in transit—including lateral movement and encrypted traffic.
Ensuring the seamless integration of current tools is essential to eradicate these blind spots, necessitating full visibility underpinned by high-quality data and network telemetry that transcends traditional MELT (metrics, events, logs, and traces) data.
Furthermore, adopting a new perspective is crucial.
The breach of an organisation’s initial defenses does not signal defeat.
With real-time network visibility it is entirely possible to locate and fend off threat actors before they manage to exfiltrate sensitive information.
Organisations must not only be able to detect anomalous traffic but also be able to act swiftly, thereby minimising the costs associated with remediation.
This proactive stance helps avert not only financial loss but also the loss of trust and reputational harm that inevitably follows a cyberattack.
The repercussions of such an event extend far beyond the immediate, affecting employees, customers, the organisation’s security posture, financial health and public perception.
Big sporting events such as the Olympics and Paralympics serve as a wake-up call for organisations that are falling behind in their security strategies.
Gaining real-time visibility into all network traffic is the only way for organisations to be able to say they are 100% secure and capable of remediating threats.
When global disruption is a possibility, this kind of protection is critical.