Few things generate interest, passion, and a following like the world of sport. Armed conflict has been suspended upon the occurrence of a sporting event. Business pursuits take a backseat to the spectacle of a major competition. Children are given the namesakes of sport icons. What better energy exists than from sport to catapult cyber community building?
Why a community? Cyber is a team sport. Going it alone against cyberspace challenges is not effective, whereas partnering in information sharing breaks the attack chain. Partnering as a team also improves the resilience of an entire ecosystem. Sports-ISAO established the Cyber Threat Intelligence Watchfloor during the Olympics in Rio to start a drive toward collective risk management in the world of sport. Besides being ineffective, security isolationism is expensive. To change the equation so that market segments and communities begin to collectively organize into information sharing groups, cost sharing pools, and actively reducing collective risk by forming capacity centers, we chose sport as a rallying tool.
An additional driver of our strategy is the partnership with CyberUSA. Building a community of communities in the United States and with growing ties with communities worldwide, CyberUSA and Cyber Resilience Institute are partners in helping communities come together through Sport to build information sharing and cyber-resilient communities. The c-Market™ is the marketplace of cyber solutions that brings value and efficiencies to the community. Sports-ISAO demonstrated how this is done during its Rio Summer Olympics project. Hosted by the Colorado National Guard in Colorado Springs, Sports-ISAO stood up its Watchfloor operation, and engaged in cyber threat intelligence production and information sharing during the Games. Our key strategic findings are summarized below:
THE THREE KEY STRATEGIC FINDINGS
The Industry of Sport: Yet Another Institution of Society Targeted for Attack! Scanned, probed and targeted by cyberattackers, the Sports-ISAO observed hostile activity from the Internet as soon as the Olympics project was announced. Moreover, athletes, organizers, sponsors, and affiliated enterprises were all attacked. The publicity of the Olympic Games and all its financial backing, along with the geopolitical tension surrounding the Summer Games in Rio in 2016, presented an attractive target for a variety of threat actors.
Cyber Threat Intelligence Must Be Integrated With Event Security Operations. Hacktivists targeted the Olympic Games as a global institution! Networks served simply as instruments for achieving the greater goals of the hackers. Sports-ISAO monitored hacking groups, and performed research on the DarkComet malware, a Remote Access Trojan. The resulting visual aid depictions of the extent of Brazilian compromised devices presented a striking Use Case for protecting critical infrastructure and aiding event security through an ISAO approach.
It Takes a Team Defense. That’s a “Cross-Platform” Team Defense. Securing all of Sport, because sport participation occurs at events and venues, requires interdisciplinary intelligence. Threat Actors can target facilities, athletes, and affiliated partners. In addition to analyzing Indicators of Compromise on a platform, Sports-ISAO used social media intelligence and darknet intelligence. Fusing All-Source Intelligence is key for Securing Sports!
A copy of the summary report can be downloaded here.