Olympics-Related Malicious Activity Likely to Affect Local Governments

Malicious cyber threat actors have historically used high-profile events such as the Olympic Games to carry out their attacks – government entities are likely targets.

CyberAttackOlympicsThe Center for Internet Security (CIS), endorsed by MACo, has published a white paper providing recommendations for county technical staff in protecting networks and users during the 2018 Winter Olympics. The cybersecurity experts at CIS note that high-profile events are usually turned into vehicles for malware, scams, fraud, and cyber-espionage.

Because county employees might view Olympics content on government-issued devices or networks, these threats could directly impact the security of local government systems.

Tactics likely to be used are summarized below, but more details are available in the CIS white paper:

Phishing – Expect emails with links to malicious website advertising live coverage, news stories, or ticket sales. These websites often contain malware or attempt to steal login credentials.

Olympic Coverage – Malicious actors are likely to create malware-laden websites with domains resembling legitimate ones. They often use social media to spread these links. The CIS Multi-State Information Sharing & Analysis Center has already observed an uptick in registration of several domains containing “Olympics,” “winter,” “games,” or similar key phrases.

Mobile Apps – Olympics-themed apps may not be as legitimate as they appear. While they may use 2018 Winter Games branding, they could contain collection capabilities that could cause data breaches if downloaded to government network endpoints.

Travel to the Olympics – CIS reports that cyber-espionage and profit-motivated cyberattacks on visitors and spectators in PyeongChang are almost a certainty. Wi-Fi spoofing, card-skimming, and similar hard-to-detect threats could invade government systems through employee devices or credit cards.

Recommendations for addressing these threats are available in the CIS white paper.

To find out more about the Center for Internet Security – and how they can help your county networks stay safe and secure with low-cost or FREE MACo member options – please contact MACo Member Services Director Virginia White.