The greatest IT security threat during
past and future Olympics is internal contractors, said experts at
RSA.
Marc Llanes, information security
manager, Atos Origin, said: “We found that internal threats were
the most serious in Beijing, and this is always going to be the case.
For example, one of our most serious events was when one of the accreditation
workers on the front desk was discovered attempting to export the photos and
details of the entire list of celebrities who were cleared to
attend.”
The company was responsible for
monitoring the entire IT network in Beijing, and is set to perform
the same role in the 2012 London Olympics.
“We had other issues of course”,
continued Llanes in his presentation 'Olympic Games Information
Security: The Ultimate Challenge', “there were many attempts to
import hacking tools, and our network was dealing with 201 million
filtered events per day, which we cut down to 500 real incidents
using our custom-built multi-level correlation engine.”
Managing the security of the Olympic IT
network was down to a team of just 18, split into two shifts of six.
Due to the massive number of network devices and the speed of the
roll-out a high level of automation was required to keep track of
events, according to Atos Origin.
“In London we are expecting to have
many more issues with wireless networks”, said Llanes, “there
will be a lot more public networks in the area, and these will be a
new issue. However, we also have new technology to deploy, such as an
authentication system that wasn't stable enough for Beijing – this
will be ready in time for London.”