8 Cyber-Security Lessons Learned From the Rio Olympics

8 Cyber-Security Lessons Learned From the Rio Olympics

The 2016 Summer Olympics drew big crowds—and its share of cyber-security attacks. Here are some of the lessons learned from Rio, and ways to stay protected.

Maintain and Inspect Your Network Often

This is one of the simplest ways to avoid risks and threats. Review your network consistently, applying patches, as needed, to defend against known vulnerabilities.

Encrypt Your Data

In the data dumps out of the Olympics, some of the passwords and other sensitive information were in clear text and not protected at all. It’s basic, but making sure your data is encrypted can help prevent embarrassing and costly revelations after a hack.

Guard Against Multi-Vector Attacks

Implement a security solution that includes protection from network- and application-based DDoS attacks, as well as volumetric attacks that can saturate the internet pipe.

Combine On-Premises and Cloud for Better Protection

By using on-premises systems for detection and mitigation, combined with cloud-based protection for volumetric attacks, you’ll be better able to snap into action should your network be hit by a DDoS attack.

Be Ready for Collateral Damage, Even if You’re Not Part of a Big Event

When you use cloud storage, you don’t necessarily know who your neighbors are on your providers’ servers. If one of them is the target of a DDoS attack, the damage could spill over to your properties. Make sure you know your cloud provider’s architecture and security policies, and whether it can separate clean and malicious traffic.

Stop SQL Injections and Other Web-Based Attacks and Intrusions

If the data dumps coming out of the Olympics cyber-attacks are verified, they likely were obtained via an injection-based attack, like a SQL injection. Make sure your security solution blocks these kinds of attacks.

Assemble an Emergency Response Team and Plan

Put a strategy in place and tap the right people to carry it out long before any attacks occur. If you don’t have a plan or haven’t revisited it in a while, and if you haven’t designated specific team members to specific roles during an attack, do so now.

If You’re in the Public Eye, Assume You’ll Be Attacked

Just being associated with the Olympics led to attacks against some organizations. It’s reminiscent of when Nissan was attacked by anti-whaling activists simply because it’s based in a country that hunts whales. You might not be able to anticipate these kinds of attacks, but if you run your security assuming attacks are a matter of when, not if, you’ll be better prepared when they do hit.