Summer Olympics is ripe for cyberattacks

Criminals will exploit the confusion and hustle and bustle of the games to their advantage, according to security researcher.

Millions of people are eagerly anticipating this summer's Olympic Games in Tokyo—and so are cyberattackers. "Events like the Olympics serve as an amplifier for cybercrime," said Emily Wilson, vice president of research at Terbium Labs. Cyberattackers will be exploiting the "increased distraction around the Olympics, allowing them to be more successful."

When people are traveling and out of their element, they may be more suspicious of the emails they receive, but when it comes to an event like the Olympic games their defenses may be down. 

So if they get an email saying their hotel reservation has been canceled or a last-minute notification that a ticket to an event requires another level of validation, for example, "there is a higher sense of urgency," Wilson explained.

"You'll probably react first and then think more critically about it later," she said. "That's a fantastic opportunity for a cybercriminal to intercept and capture personal information."

Organizations that are sending employees to work at the games can expect to see a spike in phishing as well as business email compromises (BECs), which will have significant repercussions, including account takeovers and identity theft from credit card fraud, she said.

See Cybercriminals flooding the web with coronavirus-themed spam and malware  (TechRepublic)

"What an opportunistic gift for fraudsters operating in and around the Olympic village" to target point of sale (POS) systems and put skimmers on ATM machines, she said. Attendees buying food, drinks, and merchandise at the games may not think twice about their transactions, and that's an ideal time for cyber criminals to step in, Wilson said.

"It's a really good way for fraudsters to prey on those unusual streams of purchases." While your bank will be paying attention to these transactions, it's difficult for them to determine what a typical pattern of spending looks like.

"No financial institution wants to block someone's credit card in the middle of international travel, in the middle of the Olympic games," she said, "because it's unusual activity, and consumers are going to be spending in a way they haven't in the past."

This is similar to what happens during the holiday season when a person's buying activities may be different than what they are on a day-to-day basis, making it harder to flag something as suspicious, she said.

How to respond

It would be prudent for any organization with employees or representatives going to the Olympic games to increase the monitoring of their systems to look for phishing attempts or strange behaviors, Wilson advised.

Flag any system an employee might be remotely accessing from the games as high risk, she added, and keep a close eye on them.

"Assume those individuals are at increased risk by cyber criminals and treat them as high risk," she said.

Employees should be "hypervigilant about any messages—whether email or text messages—anything you receive and be incredibly suspicious of that and assume it's fraudulent by default," Wilson said.

"We as employees or consumers have to get it right every time, and a criminal only has to get it right once to succeed," she said.

Two-factor and multifactor authentication are crucial elements of those increased efforts, she said, but so is stepping up educating your employees going to the Olympics.

"Any changes you make at the network level will be important, but the weakest link will always be the individual," she noted.

"Talk to them about phishing and suspicious text messages…and thinking critically before they use an ATM," Wilson advised. "Help them understand how these threats manifest so they can be partners in this security effort."

It also means employees and other attendees "have to slow down to make sure we're not getting taken advantage of," she said. Closely review any communications you receive and familiarize yourself with what the official emails from the International Olympic Committee (IOC) and ticket issuers look like, she advised.

Hacking is big business

Another reason to be overly cautious is that the dark web criminal market is "full of ease of use tools that can teach cybercriminals how to be more successful with things like phishing," Wilson noted.

For example, people can buy guides on how to phish and they include technical details on creating and coding a phishing site to capture and store sensitive information, she said. Such guides also provide guidance on how to more successfully trick people into clicking on your link and entering information, she said.

People can also purchase "scam pages," preformatted, precoded pages or websites designed to mimic a major brand, which saves them the trouble of having to do the work themselves, she said. 

Scam pages are designed both for desktops and mobile devices, "and that's a great way to take advantage of people who are traveling or on the go, which means they're going to be more distracted and perhaps more susceptible to a phishing email."

The Olympics run from July 24-Aug. 9. Wilson anticipates cyberattacks will start ramping up in the April-May timeframe and will "build up to a crescendo in the weeks immediately preceding and during the Olympics, as criminals prey on that sense of urgency the closer we get to the games starting."

And after the Tokyo games? Brace yourselves for another spike in phishing attacks around the US presidential election.  

Also see

cyberattack.jpg