During an international competition, spectators seek the emotion of victory. But they are not aware that behind the scenes, cybersecurity is now a major issue to anticipate. Like organizers, host cities must put together a competitive team to win the cybersecurity game.
Local authority, authority, organizer and technological partners: the cybersecurity “dream team”
Sporting events are a reflection of society: they are increasingly connected. The technological dimension makes the guarantee of security more complicated as the technologies are constantly evolving, the areas exposed to cyber risks are expanding and the threats are multiplying. However, the cybersecurity approach can be similar to that of more “traditional” security, consisting of five major steps: knowledge, anticipation, protection, detection and reaction. It is essential that local authorities, organizers, authorities and technology partners form a complementary team to fight against attacks.
Although there is no specific obligation linked to the hosting of a major sporting event, the host communities remain responsible for cybersecurity at their level, in particular the detection of threats, the analysis of risks and the choice of solutions to remediate. They must take charge of the cybersecurity of their sites hosting sporting events, but also the perimeter outside the event. Indeed, local authorities and their partners are the first to be mobilized in the event of a cyberattack before any intervention by State services.
From information systems to sports infrastructure, security devices must protect potential targets and cover their vulnerabilities, and be clearly defined and known to all actors involved. To do this, the appropriate human and technological resources must be put in place to guard against cyber risks and react quickly. Resilience capacity is essential during a large-scale event, given the need to follow a busy program that is difficult to change. In addition, the smooth running of the events not only impacts the athletes, but also the image of the communities on which all the spotlights are trained.
Targets that multiply, a shooting window that widens
Over the years, the targets diversify as the threats take on new forms. Previously, information systems were the main targets of intrusions on networks or from workstations. From now on, we must consider as potential victims all the industrial and operational networks composed of connected objects such as stadiums, networks of surveillance cameras, wastewater treatment plants or power stations which can be paralyzed. Worse still, the disastrous consequences can be widespread, because each vulnerability is a gateway to all interconnected networks. One of the peculiarities of cybersecurity is that its perimeter is not physically delimitable and its boundaries are blurred. It is therefore necessary to determine a scope of responsibility for all the parties involved and to make each of them aware of the solutions to be deployed.
Galvanizing crowds, sporting events also attract attacks aimed at destabilizing the host and organizations under strain. A threat that is gradually growing since 450 million attempted incidents related to cyberattacks were reported during the Tokyo Olympics, or 2.5 times more than in London. Today, it is impossible to describe a cyberattacker under a single face, the increase in the number of targets being linked to the diversification of threats and their authors. Attacks can be the work of new malicious actors who have just obtained ransomware, established criminal groups, hacktivists acting for political or religious reasons, or can be sponsored by States.