The biggest latest threat to the Winter Olympics in PyeongChang isn’t North Korea/South Korea tensions. It isn’t doping. It isn’t even politics. It’s hacking. And while it’s an enormous concern, it’s not the first time it has happened. In fact, the Milwaukee Journal Sentinel ran an article, entitled ‘Hacking is the New Juicing in Sports Industry.’ And it's not just the Olympics taking a hit, although that's the most high-profile example recently.
For PyeongChang, the trouble started about a month after the IOC banned Russia from the 2018 Winter Olympics over doping concerns. Hackers have released a set of e-mails related to the games set for February in South Korea. The leaks appear to be a retaliation, online news portal BuzzFeed News said.
According to Tech News 18, hackers, reported to be associated with the Russian government, were calling themselves "Fancy Bears" - a trolling reference to the Games' mascots. They published a handful of e-mails dating from late 2016 to spring 2017 and appearing to be between IOC employees and third parties discussing the Russian doping conspiracy.
"These emails and documents point to the fact that the Europeans and the Anglo-Saxons are fighting for power and cash in the sports world," the Fancy Bears posted. Some of the emails' contents are encrypted. The IOC neither commented on the post nor verified the authenticity of the emails but said "we do not comment on leaked documents.”
According to cybersecurity firm ThreatConnect, a group with the same name of "Fancy Bear" had used the same website and the same format to publish documents in 2016 that had been hacked from the World Anti-Doping Agency (WADA) in response to that agency's finding that hundreds of Russian athletes had taken banned substances. The group is said to be associated with Russian military intelligence.
That’s not the only problem, though. According to a report in Inside The Games, security firm McAfee recently found several organizations associated with the Games to have received malicious e-mails in apparent attempts to steal passwords or financial information. Many of these emails have been falsely written to appear as if they came from South Korea's National Counter-Terrorism Center, the body responsible for conducting anti-terror drills in the build-up to the Games.
It is claimed that many of the bogus emails actually came from an address in Singapore, but contained instructions in Korean requesting the reader to open a text document. Malicious software was hidden either in text or images.
"Based on our analysis, this implant establishes an encrypted channel to the attacker's server, likely giving the attacker the ability to execute commands on the victim's machine and to install additional malware," McAfee added. "With the upcoming Olympics, we expect to see an increase in cyber-attacks using Olympics-related themes.”
Sports bodies have taken steps to tighten their security in recent years after a series of hacking attacks. The IAAF reported an attack from Fancy Bear in April. In addition, in 2016, Computer Business Review noted, "For the month of June 2016, Wimbledon technology partner IBM saw a 302% year-to-year increase of security events and attacks on the official website for the tournament, Wimbledon.com."
Sports Business Journal also noted, "In 2015, Team Sky alleged that someone hacked into Tour de France champion Chris Froome’s performance data as part of a campaign to prove that he is using performance-enhancing drugs. In separate instances in 2014, an English rugby team’s website was hacked by ISIS and FC Barcelona’s Twitter account was hacked by the Syrian Electronic Army. In both cases, the hackers used the team’s online platform to display their organizations’ extremist messages."
It doesn't stop there. Some teams who will be competing in the 2018 FIFA World Cup in Russia have been advised not to the use hotel and public Wi-Fi in that country for fear of hacking.
Hacking, noted one security firm, is also an enormous problem during March Madness. Only this time, it's not the NCAA's data that got hacked. Government Technology noted, “Security professionals at organizations of all sizes are preparing for a surge of potential March Madness related cyber attacks through the beginning of April. ... Nearly every aspect of any employee’s involvement with March Madness could easily open up the employee, as well as the organization to a number of cyber risks. Cyber criminals are well aware of the popularity of March Madness.”
Computer Business Review also noted, “Often attackers target high profile events to simply cause disruption, embarrass the organizers or raise the profile of their own political agenda. This has certainly been the case with hacktivist groups that use DDoS to take down websites or knock a website offline. It was reported that the 2012 London Olympics faced a total of 156 million security-related events, six of which were major cyber-attacks. Fortunately these were halted through having the right security processes and technology in place, including practicing worst-case scenarios.
”While each of the preceding hacking incidents was seemingly perpetrated by hacktivists, another high-profile scandal demonstrates that hacking can be done for competitive purposes," SBJ noted. "Chris Correa, the St. Louis Cardinals’ former director of baseball development, obtained a password from a former Cardinals employee who began working for the Houston Astros. Correa used the password to access an Astros email account and “Ground Control,” a database used by the Astros to compile information on players such as scouting reports, statistics, contract information and draft rankings. Correa later pleaded guilty to criminal hacking charges and a federal judge principally sentenced him to 46 months imprisonment and ordered that he pay the Astros $279,038 in restitution.