(LiveHacking.Com) – During the last Olympic Games it was estimated that China was subjected to approximately 12 million online attacks per day. In preparation for the upcoming 2012 games in the United Kingdom, the Department of Homeland Security’s National Cybersecurity and Communications Integration Center has posted a report warning that criminals and ‘hacktivists’ could use the 2012 Olympics as platform for cyberattacks.
The report warns that scams and malware campaigns will grow in scale and complexity in the lead up to the 27 July opening ceremony in London with the supporting information systems including transport infrastructure and law enforcement communications seen as the prime targets. In response the Olympic organizers have already started running ‘technical rehearsals’ from their Technology Operations Center (TOC) situated on Canary Wharf. During the games over one hundred personnel will monitor the UK’s critical systems which includes over 900 servers, 1,000 network and security devices, and 9,500 computers.
Internet users are also warned that phishing attempts which imitate official Olympic correspondences have already begun circulating in the wild. The report notes that a spam message with a malicious attachment (Early Check-In 2012 Olympics.doc) has already been spotted. The document exploits a RTF Stack Buffer Overflow Vulnerability and installs additional malware on the victim’s computer.
“British law enforcement organizations have been collaborating with the U.S. Secret Service and other industry experts to understand attack vectors, detection methods and mitigation strategies to combat the threat. However, the cyber implications are more expansive than localized attacks against systems and encompass globally distributed Olympic-themed malware, spam campaigns and scams,” says the report.
It is antisipated that protestors could choose to launch denial of service (DOS) attacks during the games with the added complication that some of the 5,000 IT staff working during the games could launch insider attacks. The report also warns about potential information theft, again facilitated by an insider.