Jul 31, 2012 (11:07 AM EDT)
Olympics Tap Big Data To Enhance Security
Read the Original Article at InformationWeek
security has been nearly as high a priority at the Olympic Games as sportsmanship.
Digital security always scored a distant second place behind physical security because the threat of physical terrorism is more dire than any digital threat, and because cybersecurity threats have been far less effective than physical threats, security analysts said.
Cybersecurity is still a second priority, but its tools and techniques are helping to shore up physical security at the Games, using big data analysis techniques to identify suspicious activity, imminent threats, and unexpected holes attackers in the real or digital worlds could exploit.
Digital attacks on the London Olympics could easily surpass the 12 million hack attempts recorded during the Beijing Olympics four years ago, according to Larry Ponemon of the Ponemon Institute.
Attacks could come from political hacktivist groups such as Anonymous, nationalist or terrorist groups, or--most numerous and most likely to throw their black hats into the competition for tourist dollars--highly organized, sophisticated criminal organizations, Ponemon said.
[ Get more Olympic-caliber business advice. Read Olympics Lessons For Social Media Strategists. ]
The clearest--and least-expected--contribution is the real-time situational-awareness system built up using security information and event management (SIEM) systems and log files from network servers, digital-door-lock scanners, firewalls, point-of-sale systems, and other computer-enhanced systems that would normally be neglected until long after the Games were over.
Instead, big data analysis apps are searching through the tens of thousands of logs generated every day. They are tracking nearly every hint of physical and digital activity within the Olympic Village and the population of spectators and Olympic Games workers outside it.
Channeled to the SIEM system and big data analysis engines, the logs--which could amount to petabytes of data by the end of the Games--offer a detailed picture of all potentially suspicious activity in real time, rather than weeks after the Games are over, according to Chris Petersen, CTO and cofounder of log-analysis and SIEM vendor LogRhythm.
Sifting through logs to identify when and where someone is using an electronic passcard to go through the wrong door at the wrong time is invaluable, but not terribly useful if the security system isn't also prepped with a series of automated responses and countermeasures to expected threats, Petersen wrote.
Applying big data to forensic data search and analysis is unusual in the world of big data, but could give responders in Olympics security operations centers (SOC) both early warning of threats and preconfigured ways to respond to them in ways security staff at previous Games couldn't manage, Petersen wrote.
For hackers, the easiest targets may be the near-field communications (NFC) systems Visa is sponsoring that allow tourists to pay at food stalls, souvenir stands, and ticket vendors using no-touch digital-wallet payment systems, according to Robert Siciliano, an identity theft expert and blogger for McAfee security.
Mobile contactless payments--which allow smartphones loaded with security certificates and transaction software to act as credit or debit cards--may be convenient, but also give attackers a thinly defended point of entry for mobile payment systems on both Android and iOS devices, Siciliano wrote in a McAfee blog earlier this month.
"If someone has NFC turned on, an attacker in close proximity can pick up every signal to gather private information or payment information on an athlete's device," Siciliano wrote in the McAfee blog post. "It is almost like pick pocketing, but they don't even have to touch you."
Even limiting the NFC exchanges to one device, the Samsung Galaxy III, does little to minimize the risk, Siciliano said.
The Android Beam data-transmission protocol and the NFC broadcast ability on which it depends are both enabled by default in Android 4.0 and have no automatic restrictions to keep them from opening malware sites or accepting virus-riddled files when a surreptitious RFID tag or hidden smartphone asks them to, according to Miller.
Nokia's N9 smartphone automatically accepts any NFC connection request, in fact, practically begging hackers to deliver doctored .doc, PDF, or other files that can give hackers root access to the phone.
Security software vendor Kaspersky Labs has warned that phishing scams, DDoS attacks, penetration attempts on Olympic Committee websites, and other examples of cybercrime are almost impossible to prevent, even at a high level of alertness.
Attackers could go after London Olympic Committee servers publishing information about the games or go after internal-network servers running timers and other Olympic logistical systems, according to Kaspersky researcher David Emm.
Hackers could also just set up at Olympic venues with fake Wi-Fi hotspots designed to lure unwary users into divulging private login or other information, he said.
A host of other email scams are also circulating, taking advantage of the high level of interest in the Games to try to slip through the guard of both onsite and remote spectators, according to a warning issued earlier this month by the U.K. Department of Human Services.
It's impossible for any Olympic Committee to completely eliminate security risks, but the British government has "been going to great pains to avoid" the most direct digital threats, not to mention the physical risks, according to Kaspersky's Emm.
However, neither the digital precautions, nor the 3,500 British troops added to the 27,000-person private security staff, delivered security tight enough to prevent even obvious gaffes in physical security.
Directors at Wembley Stadium, where the Olympic soccer competition will be held, had to replace all the locks at the 90,000-seat arena after police lost a set of keys while checking security.
Less ominously but more obviously, the security net was too loose to keep an Indo-British woman from slipping into the parade of nations during the opening ceremonies and march uninvited with the Indian national team. The intrusion by 25-year-old Madhura Nagendra wasn't subtle; the red hoodie and blue jeans she wore clashed obviously with the blazers, saris, and yellow turbans worn by the Indian marchers.
"She was very brazen and walked alongside our flag bearer Sushil Kumar and everybody took her to be an official or something," Indian Olympic Committee official Harpal Singh Bedi told the British Evening Standard.
The Indian delegation is demanding an explanation from the London Organizing Committee.
Nagendra didn't "just walk in off the street," according to Sebastian Lord Coe, chair of the London Olympic Organizing Committee. She was one of hundreds of dancers, actors, and singers performing earlier portions of the opening ceremony who decided to expand her role.
"She shouldn't have been there, but she clearly started in that venue," Coe said at a press conference after the event. "She was a cast member who got slightly over-excited."