Hacking groups that have politically-charged motives for disrupting normal operations of high-profile targets are constantly changing their cyberattack strategy. These evolving hacking methods make it difficult for IT security professionals to keep up and adequately protect organizations against their attacks, . Cybersecurity firms will have to be on guard after a newly released report by threat intelligence company CrowdStrike shows one of the events cybercriminals may look forward to interrupting is the 2014 Winter Olympics held in Sochi, Russia.

As an international event that will draw in skilled athletes to compete and millions of viewers from around the world hoping to cheer on their national teams, cybercriminals could try to launch strategic Web compromises (SWCs) against the winter games. These hacking groups may be motivated politically in their attacks, which could involve spreading malware infections through phishing emails, . One of the most notorious hacking groups that target well-known companies and websites for political gain is the Syrian Electronic Army. The group, which supports Syrian President Bashar al-Assad, made headlines in 2013 after taking over the social media accounts of reputable news organizations, including Reuters.

Cybercriminals Changing Up Strategy
In modifying their strategy, cybercriminals could go after third-party devices and accounts, rather than attacking the servers that are directly involved with major events, like the Olympics. Other events that could also be hit with cyberattacks include the World Cup, also taking place this year, and the G20 Summit, according to CrowdStrike.

"Expect to see adversaries targeting third-party vendors [in 2014] in an attempt to compromise the ultimate target," the report stated. "Third-party vendors often have less-robust security than their larger customers, and their networks offer an avenue through which those customers can be compromised."

Despite the challenges that cybersecurity firms must face with politically-motivated cyberattacks,  Co-founder and Chief Technology Officer of CrowdStrike Dmitri Alperovitch said they will have to be prepared for attacks in the future.

"One of the things we tried to do with this report is to look forward at potential future attacks, rather than just looking back at the year," Alperovitch said. "With good threat intelligence, every organization should be able to do predictive analytics based on its history and the history of security events. If you know what your attacker did last year, you can get a sense for what he might do this year."

Leave a Reply