cybersecurity — Blog — Peter Cavicchia

We’re now in the middle of the 2020 Olympics Games in Tokyo — a moment of international connection after a challenging year when the COVID-19 pandemic postponed the original date of the iconic sporting competition.

While it’s a celebratory moment, speculation has ramped up about just how secure the global sporting competition is after all.

Concerns are justified. Both the 2016 and 2018 Olympic Games were targets of Russian hackers. In fact, the attack on the winter 2018 Olympics in PyeongChang, South Korea went straight for the opening ceremonies, hitting stadium Wi-Fi and even affecting security gates, according to Wired.

Leading up to these games, cybersecurity experts and international watchdogs have been sounding the alarm that governments, Tokyo officials, sporting teams, and individual athletes alike should all be on high alert.

The Washington Post reports on some of the most common concerns surrounding this year’s Olympics. For example, the FBI was recently alerted to the potential of a major hack, aware that live broadcasts could be targeted as well as the personal data of athletes and their teams.

“In 2021, the Tokyo Summer Olympics may shape up to be what COVID-19 PPE and vaccine diplomacy was to 2020 — a clear opportunity for nation states to deploy information campaigns to denigrate their adversaries, promote their system of governance, and burnish their image on the world stage,” wrote Rachel Chernaskey, Max Glicker, and Clint Watts in a piece for the German Marshall Fund’s Alliance for Securing Democracy, as cited by the Post.

Despite these concerns, the Olympics seem to be going along smoothly so far. Earlier, reports surfaced that Olympic ticket data was leaked, with IDs and passwords from the Tokyo Olympic ticket portal was posted publicly to a leak website.

A spokesperson for the Tokyo 2020 International Communications Team told ZDNet that this was not in fact a leak from Tokyo 2020’s system and that “we have already taken measures int he form of password resets to limit any damage for the very limited number of IDs detected in this case based on the information supplied by the government.

Cybersecurity officials will be ever present as the 2020 Olympics continue. The games run through the Closing Ceremony, which will be held on Sunday, August 8.

As the world continues to reckon with the ever-present threat of hackers who are growing consistently more sophisticated, vigilance over personal and government data will vault to the forefront of everyone’s minds as the summer games roll on.

The past year has brought cybersecurity front and center as work-from-home became the norm and the average person had to become better equipped at keeping sensitive data safe and secure. Despite these security friendly cultural and societal shifts, a new survey of tech professionals reveals we might not be quite up to par with best cybersecurity practices.

Tech news website TechRepublic reports that the survey from the Thales Group shows security teams across a wide international range of companies have generally been having difficulty adjusting to the new cybersecurity demands of the COVID-19 era. This means security teams have not been brought up to speed on ever-evolving cybersecurity protocols — from lack of modern infrastructure needed to defend their firms from hacks to improper training in current programs and software.

The extensive report found 20 percent of respondents said their security systems were ready for a sudden shift to the cloud as the pandemic altered overnight how companies handled their workflows. The survey also revealed 82 percent of respondents were concerned about security risks posed by the push for at-home work and 44 percent said they feared their firms’ systems were not equipped to keep data generated and transferred from home-based employees secure.

A need to embrace cloud computing

This doesn’t mean the majority of firms have security teams that are lacking in talent. It’s quite the opposite. Instead, the report reveals that these cybersecurity professionals just haven’t been given the appropriate tools fast enough to handle this changing world.

“Technologies such as encryption and multi-factor authentication (MFA) have not reached saturation levels such that the majority of applications and data are fully protected,” TechRepublic cites in a passage from the report.

One of the main cybersecurity realities that has emerged during COVID-19 is the need to embrace cloud computing. As we continue to normalize working from home — with many workplaces turning to hybrid home-and-office models — the cloud will only continue to be a necessity.

The Thales Group found that just 17 percent of respondents said more than 50 percent of sensitive data hosted on the cloud is encrypted at their firms. If you zero in further, 24 percent reported having full knowledge of where their data is even stored in the first place while 45 percent say their teams have clearly defined company-wide cloud protocols.

What this means is there is a lot of work left to do.

The Thales report lays it out clearly — everyone at a firm needs to be on the same page when it comes to cybersecurity: “Senior executives need to ensure that they obtain a more complete understanding of the levels of risk and attack activity that their front-line staff are experiencing. They can't make effective strategy and security investment decisions when perspectives across the organization aren't aligned."