While hackers like “Fancy Bears” may continue their mission to create headline-grabbing attacks and disruptive behavior, there are steps every institution across the world and in varying industries can take so they don’t fall victim.

Every two years, news cycles are dominated by stories surrounding the Winter or Summer Olympics. While stories typically focus on athlete preparations, gold-medalist predictions and the host city, this year’s crop of articles includes a new topic: cybersecurity. On the heels of a year that saw a barrage of detrimental cyber-attacks, it should be no surprise that the same hackers who claimed ownership for leaking Hillary Clinton’s emails and attacking the Rio Summer Olympics are also taking responsibility for initiating a phishing scam and targeting airports, government workers and employees of this year’s Winter Olympics.

There’s clearly a theme behind how the Russia-linked group named “Fancy Bears” identifies its targets; similar to past attacks, this one was guaranteed to give them high visibility and create a level of distrust on a global scale. In addition to the target, there’s also a consistency between attacks regarding how they’re engineered. Email continues to be the preferred entry point for hackers, who use social profiling tactics to entice individuals to open a document, click a link or share confidential information. And although recent reports indicate that the hackers obtained a small number of emails from individuals associated with the Olympics, it would not be surprising to see the group try to escalate its attack once the games kick off. Enough leaked information could put the International Olympic Committee in a bad light and cause global citizens to question its ability to run a tight ship.

But that’s not for lack of trying from the host country.
South Korea made it clear that the country would be taking extra measures to ensure the safety of the 2018 Winter Games, including setting up a dedicated cyber defense team. The government reportedly invested 1.3 billion won ($1.2 million) for cybersecurity protection in 2017. Unfortunately, the weakness lies in the infrastructure of the International Olympic Committee’s IT system, which is rebuilt every two years to support the current games. Without a consistent system in place, it’s difficult for the organization’s cybersecurity protocols to be bulletproof. This is particularly problematic given that many of the individuals associated with the games are likely volunteers, who – unless hired full-time – probably don’t receive an Olympic-specific email address.

In order to prevent the increase of these attacks or any future hacks, the International Olympic Committee should consider several security steps, such as:

Training employees and volunteers to be ‘security aware’

This is particularly crucial for part-time employees who may use personal email addresses or operate outside of the committee’s IT system. Every individual involved in the organization should be educated on topics such as how to spot fake emails and not to click on links that seem suspicious. There should be specific training on how to spot common hacking tricks to better identify suspicious activity – especially phishing emails.

Adopting strong email and communications compliance systems year-round

With the proper system in place, the International Olympic Committee would be able to quickly identify risky behavior among employees and volunteers, manage and archive confidential records and flag security threats before a hack happens. A strong system would also track previous hacks to ensure those gateways are closed and impervious to a future attack.

Implementing the Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol

DMARC is an email authentication, policy and reporting protocol that can help remove the guesswork from emails and help limit or eliminate exposure to potentially harmful phishing or spam tactics. For employees and volunteers who often fall victim to spoofed emails and can’t tell what’s real from what’s fake, having a backup system in place could be the secret to preventing another attack.

While hackers like “Fancy Bears” may continue their mission to create headline-grabbing attacks and disruptive behavior, there are steps every institution across the world and in varying industries can take so they don’t fall victim. Investments in the proper technology and cybersecurity best practices are essential pieces of that strategy, and are what organizations like the International Olympic Committee should consider to ensure the security of one of the most-watched events in the world.