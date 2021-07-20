Attivo Networks Comment: FBI issues warning that threat actors may target Tokyo Olympics

July 2021 by William (Tony) Cole, Chief Technology Officer, Attivo Networks Inc

“The FBI warned that threat actors might be targeting the Tokyo Olympics. Attackers have targeted almost every Olympic Games event during the connected era of the Internet in one form or another, so in reality, it would be a surprise to many defenders if the Tokyo Olympics weren’t attacked. Previous discussions with Olympic organizers focused on defense in Rio and Tokyo showed me that they start their planning years before the games occur to minimize potential disruptions to the event, all with the knowledge that it may not be enough. Well-resourced and determined adversaries will find a path into the environment sooner or later, so early detection is the key to countering these attacks and mitigating possible impacts. The FBI makes some fine points in their ‘Private Industry Notification’ (PIN) alert that should be followed; however, they miss one critical point – identity security. Microsoft’s Active Directory is used by most organizations around the globe and is like the ‘GPS’ of an enterprise, providing identity services for users, applications, and other resources. Attackers also use it in about ninety percent of attacks. This is an area that must be diligently focused on to counter attacks successfully. As part of the cyber hygiene process, identities must be tracked for privilege escalation, and lateral movement must be a focus. If not, we will continue to see attacks hit major enterprises and potentially interrupt beloved special events such as the Olympics.”