In an attempt to strengthen defenses against possible terrorist attacks, Winter Olympics IT officials have decided against rolling out wireless applications and have instead added new layers of physical security.
The changes are part of a top-to-bottom, post-Sept. 11 review of security at the Games, which occur in Salt Lake City Feb. 8-25. Salt Lake Olympic Committee officials have said they and the federal government have increased the amount to be spent on security overall by $75 million, bringing the total security budget for the event to $315 million.
Prior to the Sept. 11 terrorist attacks in New York and Washington, the SLOC and its primary IT integrator, SchlumbergerSema, had planned to implement an 802.11 wireless network for scoring, administrative and commentator support. According to Bob Cottam, chief integrator on the Olympic project at SchlumbergerSema, in Salt Lake City, the wireless access plan was dropped due to heightened security concerns.
“There was some thought, in light of whats been happening, that the technology as it stands at the moment is not secure enough,” Cottam said. “Wireless is an option for the future.”
(SchlumbergerSema, a New York-based unit of Schlumberger Ltd., is contracted to provide IT integration services to the next four Olympic Games, through 2008 in Beijing.)
Cottam said that, after testing 802.11b WLAN (wireless LAN) products, SchlumbergerSema integrators came to the conclusion that the encryption built into the standard would be too weak to hold off attackers.
“Our security experts said the encryption could be compromised in between 15 and 45 minutes,” Cottam said. “Even if attackers didnt break code, they could cause denial-of-service problems.” Cottam said SchlumbergerSema had not made a final decision on a WLAN vendor before pulling the plug on deployment plans.
The SLOCs decision to pass on WLAN technology is not surprising, said Sarah Kim, an analyst at The Yankee Group, in Boston. Like Schlumberger-Sema and the SLOC, many organizations—particularly hospitals—have put 802.11b WLANs on the back burner because of security concerns, Kim said.
The Wireless Equivalent Privacy encryption algorithm, which is at the heart of the 802.11 standard, has been shown to be susceptible to hack attacks using statistical analysis and other known techniques.
While networking vendors including Cisco Systems Inc. and 3Com Corp. offer products intended to boost WLAN security, many of those are proprietary and work only with one vendors hardware, Kim said. “For that reason, many organizations are reluctant to use these products and are keeping [WLANs] very much in the evaluation-only category,” Kim said.
Without the WLAN, Olympic officials, athletes, journalists and others will be restricted to accessing event results and other systems from 4,500 workstations and laptop computers and 1,000 kiosks at 40 venues. All will be connected to 225 Windows NT Servers and 145 Unix servers via a Gigabit Ethernet LAN. Lucent Technologies Inc. is providing the optical fiber wiring, while Cisco Systems Inc. is providing the hardware.
The SLOC and SchlumbergerSemas Houston-based Network Solutions Inc. organization also conducted a review of IT security technologies and techniques to be deployed at the Olympics. The tests showed those systems—comprising firewalls, intrusion detection and password protection technologies, and virtual LANs to isolate critical systems—to be adequate.
Nevertheless, Olympic organizers and SchlumbergerSema are beefing up physical security with biometric scanners to identify athletes and officials.