Predictions About Olympic Cyberattacks

We’re all excited about the upcoming Olympic games. And so are the hackers. Oh my goodness. I just finished reading a report by the cyber threat Alliance about what they’re expecting to happen at these Olympic Games in Tokyo. 

The Olympics have always been a huge target when it comes to the bad guys.

[00:00:23] You might remember there have been abductions at the Olympics before where some of the Olympic competitors were held at gunpoint. Of course, we’re not going to forget that one anytime soon. And looking back through the last few Olympics, there have been many different types of attacks, some more successful than others, frankly, but looking at this report, they were talking about the 2008 Beijing Olympic.

[00:00:51] The attacks then were relatively limited. There were about a 12 million cyber alerts per day. Now this is part of the problem with cyber security. You get so many alerts. What do you do? How do you. Bond and none of those 12 million cyber alerts per day resulted in a successful attack. Now that was back in 2008, there were some scams like ticket scams are always are, but nothing big.

[00:01:23] The next one was the London Olympic. In 2012 and the London Olympic, they had pretty much low level attacks and they didn’t result in any real high impact cyber security event. And the most significant event back in 2012 was evidence. Credible cyber threat against electrical infrastructure. That was of course in place for those Olympic games.

[00:01:50] There was a distributed denial of service attack on the power systems. Nothing much really happened, no real impact. Then 2016 Rio de Janeiro. They were starting to pay more attention to cyber security for very good reasons. Frankly, there was a large scale denial of service attack that was carried out by this bot net.

[00:02:16] Let me explain what that is. A denial of service attack is where you might have a website for instance. Providing service to your customers that might be going there to look at your catalog, maybe buy some things. It might be a government agency. It might be an important part of the Olympics in this case and their critical infrastructure.

[00:02:37] So denied service means you either knock it off the air or so people can’t get it. Or there’s also the distributed denial of service attack. Now D dos are the distributed ones are where you have hundreds or thousands of computers out on the internet, all over the place that are trying to get to maybe the home page, maybe the purchase page.

[00:03:04] And because the coming from all over the internet, they’re very hard to shut. And that’s where we have the botnets coming in, too. Botnets are groups of computers that have been compromised by the hackers. So what they do now is they command, for instance, you’re a home computer that you don’t even know is under the control of one of these bad guys, your home computer now, issues or requests.

[00:03:33] Hey, yeah, give me the home page of Olympics 2020. And off it’ll go dutifly and try and get the homepage. That’s all well, and good. If the load on the server is what they’re expecting. You’ve been to sites, right? You hear something mentioned on the radio and like Craig Now, because I mentioned my website, Craig Peterson, S O

[00:03:58] And there are people listening. Some of you guys are going to go to my website. Now the normal traffic of having dozens of new people go to my website is not going to bring the site down. However, here’s the other side of this? What happens if maybe two or three times as much traffic as I expect is going to come to the site?

[00:04:22]I’ve compensated for that. We should be able to handle that just fine. But what happens if all of a sudden it’s a thousand times what we’re expecting because there’s 20, 30, 40,000 cases. Peter is out there that are trying to get my homepage or in this case, the Olympic. Homepage. Obviously the server’s not going to be able to respond and it’s either going to crash or and I’m sure they set this up the right way.

[00:04:49] It’s going to deliver a message saying the servers over loaded right now. Try again a little bit. And by the way, if you get that message on a website saying, Hey, try it in a few minutes, please try it in a few minutes. Don’t just hit reload because that’s going to put even more load on that poor little overloaded server.

[00:05:10] Now what they had here coming in 2016 at the Rio de Janeiro Olympics was a staggering 540 gigabytes. Per second worth of people requesting homepages. That is insane. That is a lot of bandwidth. And the fact that they apparently had that much bandwidth available coming in is also amazing, but also remember people are looking at videos.

[00:05:41] Am I. To get the insider scoop, add some stuff happening behind the scenes. Now, many of the attacks in 2016 started before the Olympic games, even. And what they were doing is attacking different parts of the Olympics infrastructure operationally. So it’s a problem. It’s a very big problem. They survived that whole thing.

[00:06:09] And by the way, the Brazilian government ended up trying to protect the world cup back in 2014 as well by spending a whole lot of money and time on this. But remember, Even back in 2008, we were talking about 12 million cyber alerts per day. How can you staff up for that back then? It was back then.

[00:06:32] We’re seeing some of our clients being hit with hundreds of cyber attacks a minute and multiple per second, sometimes 10 20, 30. Per second. It’s just incredible. What happens? In fact, divide those numbers out 12 million divided by how many seconds in a day. It just shows you how amazingly huge it is.

[00:06:56] Now we have seen time. Past where a country like North Korea, for instance, doesn’t like what Sony pictures is doing. So North Korea then attacks Sony pictures. And in the case of Sony, they downloaded a bunch of confidential information. They released it. They embarrassed some people now, hardly anybody got fired.

[00:07:16] It’s absolutely amazing. But anyway, What’s happening right now is Russia. Think about all of the Russian attacks against our businesses and our critical infrastructure as a country, they have been huge, massive attacks. We have now Russia at a point where they are getting massive amounts of.  built up.

[00:07:45] Why? Because they submitted doped samples in 2019 to the Olympic committee. Yeah. So this was a, the McLaren report released by the world anti-doping agency. Describe what we’re really systematic effort by the Russian government to really undermine the drug testing process. We’ve also seen the Russians in the past because they’ve been caught doing this.

[00:08:14] And the Chinese as well, putting in some of the competitors, particularly into things like gymnastics that were too young to compete based on the Olympic rules that were in place. So we had all of this happen during, and after the 2014 Sochi winter Olympics. Guess what those restrictions on their athletes are still in place and in place in a very big way, they will not play the Russian national Anthem at the ceremonies at the Olympics.

[00:08:48] And they will not allow the Russian flag to be carried. In fact, their athletes have to carry a neutral. Flag. So expect some serious attacks from Russia against the Olympics. And remember the Olympics. There are no spectators. Everybody’s going to be watching this thing on a line. So it’s going to be interesting.

[00:09:14] We’ll keep an eye and let you know how things go. Stick around. Visit me online.

Listen to this episode