The games are scheduled to begin July 26, 2024, with cybercriminals lurking in the shadows, armed with
            malware, phishing tactics, and ransomware. Their target? The vital services of the games: retail, ticketing,
            travel,  and  hospitality.  Organizations  need  to  stand  guard  over  their  information  technology  and
            cybersecurity hygiene not just during the Olympic Games but daily.


            The  best  way  to  stay  safe  in  the  face  of  these  emerging  threats  is  to  remain  vigilant  and  informed
            regarding the tactics and methods of threat actors. The following are some of the threats to watch for:

               1.  Account Takeover and Credential Stuffing:
                   •  With increased financial transactions during events like the Olympics, the risk of account
                       takeover and credential stuffing attacks escalates.
                   •  Cybercriminals exploit weak or reused passwords to gain unauthorized access to user ac-
                       counts.
                   •  Vigilance in monitoring account activity and using strong, unique passwords is crucial.


               2.  Social Engineering via Phishing Emails:
                   •  Expect a surge in phishing emails related to the Olympics. These deceptive messages often
                       promise “promotional offers” or “special deals.”
                   •  Unsuspecting recipients may click on malicious links, leading to compromised  systems or
                       stolen credentials.
                   •  Users should verify the legitimacy of emails and avoid clicking on suspicious links.


               3.  Ransomware and Malware Attacks:
                   •  Cybercriminals seize major events as opportunities to sow chaos. Ransomware attacks can
                       disrupt critical systems, holding them hostage until a ransom is paid.
                   •  Malware, disguised as legitimate files or software updates, can infiltrate networks and com-
                       promise sensitive data.
                   •  Regular security updates, robust backups, and employee training are essential defenses.


               4.  Ad Fraud (Including Click Fraud):
                   •  Ad fraud targets digital advertising networks for financial gain. One common method is click
                       fraud, where bots artificially inflate ad clicks.
                   •  During high-profile events, cybercriminals exploit increased ad traffic to perpetrate fraud.
                   •  Advertisers and platforms must implement fraud detection mechanisms to safeguard ad
                       budgets.


               5.  Malvertising:
                   •  Malvertising injects harmful code into legitimate online ads. When users click on these com-
                       promised ads, they unwittingly expose themselves to risk.
                   •  Vigilance while browsing and using ad blockers can mitigate exposure to malicious ads.
                   •  Organizations should monitor their ad networks and promptly address any suspicious activ-
                       ity.


            Consider how the threats mentioned  earlier apply to your organization’s  internal network.  It’s crucial to
            recognize  that not all end users prioritize  security but whether  it’s clicking on the wrong link or an end




            Cyber Defense eMagazine – August 2024 Edition                                                                                                                                                                                                          217
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.