Although provisions were in place to prevent it, cyber terrorism was not a major concern at the London 2012 Olympics, according to BT Security’s CEO, Mark Hughes, with the majority of notable events being rudimentary DDOS attempts or financial fraud.
Speaking at the RSA Conference in Amsterdam, Hughes acknowledged that his company, in partnership with LOCOG, ran through worst-case scenarios for cyber terrorism during the London 2012 Olympics, including putting together provisions for the shutting down of major power networks. In addition, despite the over 200 million malicious incidents reported during the event, just 77 tickets required a human response from analysts.
When asked to define those 212 million events, Hughes described these to us as anything that could be flagged as a potential threat – from a single DDOS attempt to defacement. Necessary defences were built over seven years of preparation, it was asserted, while the London 2012 website was the most visited on the planet during the Games.
Hacktivism – such as loose collective Anonymous – may sit under the same umbrella as cyber terrorism itself, from the perspective of the security industry. Although Hughes referred to hacktivists in his keynote as teenagers trying to change the world from their bedrooms, he recognises that rather than the phenomena being on the wane, there is potentially a shift towards targeting financial institutions. There are different stratums of the ‘hacktivist’ that vary both in message and technological proficiency – and the first waves of public defacements or DDOS attacks could be planting seeds for something altogether new.
Over the course of the London 2012 Olympic games, there were “quite a few” DDOS attacks as well as unsophisticated DNS amplifications, and it was coming “from everywhere”.
“The stuff we had to start dealing with was quite serious,” Hughes said, “that potentially would have had service impact if the right controls weren’t in place.”.
Businesses shouldn’t forget that hacktivism still exists. “It’s not like that’s gone away,” Hughes said. “People who are very gifted individuals who want to have a go at something are still doing that.
“That said, I think recently from some of the stuff we’ve seen, for example, the targets against the US banks, that’s becoming a lot more sophisticated, not just as hacktivism but a lot more concerted,” Hughes said. “I think the way I would characterise those attacks is there’s becoming more financial motivation, I think there’s evidence clearly about criminals becoming more sophisticated in using those types of tools now for financial gain”.
Martin Brown, chief security portfolio architect at BT, said there are vastly different levels within hacktivism, from the technically proficient to people who simply want to get involved.
“Some of the hacktivist campaigns that have gone on over the last 18 months or so, and if you follow what’s going on on Twitter and IRC, you have the core people who are evangelising their point of view on why they want to carry out their attacks,” Brown said. “At the same time, you’re seeing them package how-to instructions on installing and running LOIC, people asking how to set it up and if it can be run on Windows. There’s different tiers taking place within this. There’s different scenarios taking place, some are very capable, some are there to participate but don’t know what they’re doing”.
Hughes distanced BT from culpability if malicious events did run on the company’s infrastructure. “We have a huge consumer base in the UK, I’m sure there are people who buy DSL circuits from us with nefarious purposes, but they’re the ones who are the motivated criminals – by us supplying services to our customers we enter that contract in good faith with our customers, and it’s up to them whether they break the law or not.
Responding to TechWeekEurope’s Tom Brewster about BT’s collaboration with British spy agency GCHQ, Hughes responded first with an audible gulp, second by saying there are “commercial services that we will supply to any government department”.