DHS Warns of Potential Scams and Attack in Run-up to London Olympics

Hacktivists, malware, scams, data theft and DDoS attacks are among the Department of Homeland Security’s concerns regarding this summer’s Olympic Games set to take place in London, according to the DHS Cybersecurity and Communications Integration Center’s Strategic Outlook.

Hacktivists, malware, scams, data theft and DDoS attacks are among the Department of Homeland Security’s concerns regarding this summer’s Olympic Games set to take place in London, according to the DHS Cybersecurity and Communications Integration Center’s Strategic Outlook.

The document focuses primarily on a disruption of operation caused by DoS or DDoS attacks. With an IT staff of more than 5,000 individuals for the Olympics, many of whom are volunteers, the DHS is warning about the potential for inside jobs. However, citing a recent defacement of the Azerbaijani National Olympic Committee’s website by the Iranian hacker crew ‘Cocain Warriors,’ the DHS is equally worried that ideologically motivated hackers could organize DDoS attacks against or deface official websites.

Specifically, the DHS claims that the stringent enforcement of copyright and digital content limitations on social networks and in other places may prompt cyber-reactions. There is also the risk that some unforeseen news event could incite the ire of hacktivists and catalyze some sort of reaction from them as well.

How the Olympic network responds to such attacks will depend on the sophistication of the DDoS and the resiliency of the target. DDoS launched by a large, internationally seeded botnet will be difficult to withstand, particularly if organizers don’t take proper precaution.

Of course, like any other internationally newsworthy event, cybercriminals will try to exploit it for a quick buck. The document claims that the Beijing Olympics were targeted some 12 million times a day during the Beijing Games in 2008. So, individual users need to be on lookout for all kinds of social engineering scams, malware redirects, blackhat SEO, fake ticket sales (one group apparently made $3.5m selling fraudulent tickets in 2008), and spear-phishing attempts to pilfer corporate data.

As always, be skeptical when a video prompts you to download a codec to view (what you are really downloading is probably malware). As Brian Krebs says, “If you didn’t go looking for it, don’t install it!

One thing to really keep your eyes open for is mobile-based threats. The proliferation of mobile devices from 2008 to 2012 has been dramatic. The number of applications tailored the London Games will be enormous. The DHS is obviously concerned about a slew of malicious applications flooding mobile app markets.

Whether the London Olympics will be as active for hackers, online activists and cybercriminals as the Beijing games were remains to be seen. On one side, cyber-attacks have become more common in the last four years. On the other hand, China is one of the world hotbeds for hackers and cybercrime, not to mention a favorite target of hacktivists on account of its alleged human rights violations.

You can read the entire DHS strategic outlook here [PDF].

Suggested articles