The threat of insiders is the main Olympic challenge

The greatest threat to security, and not IT security alone, during past and future Olympics is internal contractors

by Michael Smith

RSA Europe 2008, October 2008: Marc Llanes, information security manager of Atos Origin, said: “We found that internal threats were the most serious in Beijing, and this is always going to be the case. For example, one of our most serious events was when one of the accreditation workers on the front desk was discovered attempting to export the photos and details of the entire list of celebrities who were cleared to attend.”

It must be rather obvious what this could mean with regard to terrorists, especially in the UK, where we have already experienced our “home grown” Jihadists. The British security services, theoretically, should be well versed in such matters, seeing that for decades they had to battle against the IRA (not that they often got very far in that), but this does not lessen the threat in the least.

Atos Origin was responsible for monitoring the entire IT network in Beijing, and is set to perform the same role in the 2012 London Olympics. “We had other issues of course”, continued Marc Llanes in his presentation entitled 'Olympic Games Information Security: The Ultimate Challenge', “there were many attempts to import hacking tools, and our network was dealing with 201 million filtered events per day, which we cut down to 500 real incidents using our custom-built multi-level correlation engine.”

Managing the security of the Olympic IT network was down to a team of just 18, split into two shifts of six. Due to the massive number of network devices and the speed of the roll-out, a high level of automation was required to keep track of events, according to Atos Origin.

“In London we are expecting to have many more issues with wireless networks”, Llanes said, “there will be a lot more public networks in the area, and these will be a new issue. However, we also have new technology to deploy, such as an authentication system that wasn't stable enough for Beijing – this will be ready in time for London.”

While the importation of hacking tools may be one threat, the general threat from insiders, those armed with no more than a USB stick or two, is far greater, and this would need monitoring of ports. In addition to that, as Marc Llanes mentioned, the use of wireless networks is another security issue, and this is probably one of the biggest ones. All it needs is for encryption to fail, or for someone to gain unauthorised access to the network via a network in the vicinity, and all hell could break loose. Hopefully not, but...

© M Smith (Veshengro), November 2008