In a private industry notification issued on July 19th, 2021, the FBI warns “partners to remain vigilant and maintain best practices in their network and digital environments.” This warning recalls a Russian GRU operation to disrupt the 2018 Winter Olympic games. In 2018, a process began shutting down operations at the Seoul data centers and killing power to the Olympic Stadium, which launched a major investigation into the malware later called “Olympic Destroyer.” It should be noted that while this warning does come with a genuine history, “The FBI to date is not aware of any specific cyber threat against these Olympics[.]”
Partners of these upcoming Olympic games ought to be prepared for more than state-sponsored actors. With the growth and speed of ransomware actors since 2018, there is a real possibility that self-aware actors will wait until the games start to pressure victims into paying the ransom. Like all significant operations, security begins with planning and understanding one’s threat surface. Developing logging capabilities and protections around vulnerable and protected devices, alongside continuous monitoring, is one of the most effective ways to expedite the remediation of potential threats and suspicious activity. Investing time into operations, analysts, and logging now can soften the blow later.