Bridgeworks features in the Autumn edition of Government Public Sector Journal, GPSJ.
November 2024
The Summer Olympics 2024 in Paris, France, are now in full throe. Unfortunately, so is the threat of a cyber-attack. The threats range from phishing attacks to still passwords and sensitive information, cyber-espionage, the targeting of various payment and ticketing systems by cyber-criminals, potential distributed denial of service attacks (DDoS), and operational technology targeting. Prevention therefore requires technology that metaphorically wins a gold medal.
‘French police probe ransomware attack on Olympic venue’, says a Reuters headline. The investigation is into a cyber-attack that concentrated on the Grand Palais exhibition hall in Paris, where Olympic events such as fencing and Taekwondo are being held, reports Dominique Vidalon.
Cyber-criminals targeted the institution’s central computer system. Fortunately, despite handling the data for 40 mainly small, affiliated museums, the incident didn’t cause any disruption to the Olympic events. Reports suggest that the cyber-criminals had demanded a ransom payment within 48 hours, “threatening to post online the financial data they had obtained if they did not receive the unspecified sum of money,” writes Vidalon.
Wider threats
The threat extends beyond the Games. Further to the Paris Olympics cyber-security concerns that have been expressed in the media for at least the last couple of months, the Australian and New Zealand Institute of Insurance and Finance (ANZIIF) warns insurers to protect their clients against cyber-threats.
“Cybersecurity is and should be on the minds of every business. Between 2021 and 2023, data breaches rose by 72%, surpassing the previous record. These statistics highlight the importance of having the right protections in place”, says ANZIIF CEO, Katrina Shanks in a recent article in AdviserVoice. With the advancement of technology, the importance of cyber-safety and even more critical – requiring robust measures against digital threats.
IBM’s ‘Cost of a Data Breach Report 2024’ puts the global average cost of a data breach in 2024 at $4.88M—”a 10% increase over last year and the highest total ever.” It says there is a “1 in 3 share of breaches that involved shadow data, showing the proliferation of data is making it harder to track and safeguard, and that the average cost-savings is $2.22M for organisations that used security AI and automation extensively in prevention versus those that didn’t.”
‘Phishing for Gold’
Michelle Cantos and Jamie Collier, in their article for Google Cloud, ‘Phishing for Gold: Cyber Threats Facing the 2024 Paris Olympics’: “Olympics-related cyber operations could impact a variety of entities. For some organisations involved in the Games such as sponsors, this could expose them to state-sponsored actors and destructive campaigns that are not typically active in their sectors. Other threats, such as cybercrime and extortion operations, will be more familiar, yet will likely become more prolific and persistent against entities involved in the Games.”
They identify the potential targets as being: The International Olympic Committee; athletes, their teams, and support staff; Olympic-related entities; physical infrastructure linked to the Games; Paris infrastructure; payment and ticking systems; high profile individuals travelling to and from the event; and tourists.
IBM’s report adds that while artificial intelligence – mostly in the guide of generative AI – is proving to be a blessing in terms of helping to prevent cyber-attacks, it can also be used by cyber-criminals to launch them. It also warns that there has been a 75% increase in average breach cost, “due to the cost of lost business and post-breach response activities. The lesson: investing in post-breach response preparedness can help dramatically lower breach costs.”
Obfuscate cyber-attacks
Another lesson, says David Trossell – CEO and CTO of award-winning WAN Acceleration company Bridgeworks, is to try to obfuscate cyber-attacks. This can be achieved in several ways. This includes organisation backing up data in at least 3 dispersed locations, outside of their own circles of disruption. The most sensitive data should ideally be air-gapped. However, there is also a need to educate people to ensure that phishing – including ransomware – attacks aren’t successfully launched in the first instance.
Organisations – including banks and fintechs – can protect their customers despite the surge in data breaches that are occurring globally. Traditionally, from a data compliance and data protection perspective, they would use technologies such as WAN Optimisation or SD-WANs, to back up and restore data to maintain their operations.
Now, they’re great technologies, but they don’t win gold in the way that WAN Acceleration can. Firstly, WAN Optimisation can’t send nor receive encrypted data. Secondly, SD-WANs often benefit from having a WAN Acceleration overlay. In contrast, WAN Acceleration can send and receive encrypted data and it is completely data agnostic. It uses artificial intelligence, machine learning, and data parallelisation to mitigate the effects of latency and packet loss. It also increases bandwidth utilisation by up to 98%.
Fraud prevention
Interestingly, while the norm is to protect consumer data or pay a huge fine that could cost much more than investing in technologies such as WAN Acceleration and three disaster recovery sites, some banks, financial institutions and mobile network operators ask the new Labour government to permit them to share more data to prevent fraud. The include Barclays, BT, Mobile UK, Nationwide, NatWest, Starling Bank, Three, UK Finance, Virgin Media O2 and Vodafone. Together they have called for better intelligence to detect fraud and protect the law-abiding public.
As well as supporting the British Olympic team, and hoping they will bring more gold medals home, Trossell says it’s also important to support STEM education – like he and Bridgeworks do. Cyber-security is a growing threat, and so industry needs to recruit talent to enable organisations to stay ahead of the criminals.
Invest in talent
After all, cyber-threats will continue to persist long ago the Games are over, and so organisations need to invest in existing and future STEM talent and in technologies that can keep themselves and their customers safe. There is also a need to invest in our sporting talent for future Games, and Bridgeworks does that by supporting the Royal Lymington Yacht Club’s youth programmes. In doing so, including its proud sponsorship of graphic artist, Alishia Hoyle, Bridgeworks and its WAN Acceleration technology wins gold. The latter enables data to be kept safe and secure.
Click here to read the article on Government Public Sector Journal, GPSJ