With the Winter Olympics just around the corner, Mandiant has historically seen the Games attract the attention of cyber threat actors, but with them taking place in China this year, there are a few additional things to consider – whether you’re attending, or part of an organization with ties to the event.
Cristiana Kittner, Principal Analyst, Mandiant Threat Intelligence and her team follow the cyber activity around international events like this:
“As with many high-profile international events, the Olympic Games generate a spike in economic activity and press coverage in the host nation, which we’ve seen attract the attention of cyber threat actors in the past.
“Based on our understanding of threat activity surrounding previous Olympics, this activity could be in the form of nation-state actors and information operations campaigns using the media attention to embarrass rivals through hack-and-leak campaigns, website defacements or other disinformation. We’ve also seen financial criminal actors capitalise on events like this to exploit increased tourism and local spending or use Olympic-themed subject lures in their malware campaigns targeting the public.
“With the event in China this year, known to be one of the ‘big four’ nations when it comes to cyber activity, we could also see reconnaissance activities on devices brought into the country by visitors. It’s important to be aware that cyber activity could target athletes, officials and visitors, but also the different businesses that support the Olympics too, whether that's in industries like hospitality, telecoms or providing a sponsorship deal.”
Mandiant’s advice for visitors to the Games:
- Leave your personal devices at home and take burner devices if you need to – ones that you will only use while visiting and replace afterwards. Secure these devices and accounts you’ll access with strong passwords
- Use a VPN at all times, and enable multi-factor authentication wherever possible
- Avoid accessing social media and banking if at all possible – pick up the phone and make a call for anything that requires credentials
- Remember your connections – it’s not just about protecting yourself, but also organisations you’re linked with
"This year the Olympics and their cyber activity will be closely scrutinized, firstly for the geopolitical stakes of this location in China, but also and above all for France to continue to prepare as well as possible for the 2024 Olympics. We have already observed numerous campaigns in the past during previous editions of the Olympics and we expect to see even more activity this year. We will certainly have to be able to sort out the real from the fake and base our findings on proven and verified facts," says David Grout, CTO EMEA MANDIANT.