Olympic experts sure they can repel cyber threats

July 3, 2012: Technology experts work in London 2012 Olympic games Technology Operations Centre (TOC) in London's Canary Wharf financial district.

Vital computer systems for London's 2012 Olympic Games have come under repeated cyber-attacks -- but only from hackers who were invited to join in thousands of hours of security tests.

Atos, the lead technology company for the Summer and Winter Games since 2002, said Tuesday it had carried out more than 200,000 hours of testing, including mounting simulated attacks. It's all aimed at protecting the systems that will deliver results to Olympic venue scoreboards, event timetables to athletes, and Olympic accreditation information to British border officials.

The company is responsible for about 11,500 computers and servers at locations across Britain. Starting next week, it will run its Olympic Technology Operations Center -- based in Canary Wharf, close to the Olympic stadium -- around the clock, monitoring possible cyber threats second by second.

Michele Hyron, the company's chief integrator, said to help test its defenses Atos had drafted in so-called "ethical hackers" -- specialists capable of mounting sophisticated attacks who use their knowledge to test systems rather than disable them.

"We are using ethical hackers for that, we are using external companies, we are using people from our own company who are specialized in that kind of activity," she said. "We are preparing ourselves in terms of testing to cover all the kind of threats to the Olympic Games."

She spoke at the technology center, where banks of experts were lined up in long rows according to their individual expertise.

A quarter of the London Olympic organizing committee's overall budget of $3.1 billion has been spent on technology. Atos is expecting to handle 2 million pieces of key data throughout the event -- 30 percent more than at the 2008 Beijing Olympics.

In Beijing, experts encountered about 12 million potential cyber security problems each day. Hyron said Atos expects to see between 12 and 14 million events per day during the London Games, though only about 20 a day will be categorized as formal incidents -- actions that require investigation.

"Our role is to do monitoring in real time and within milliseconds block any line that is showing abnormal behavior -- then it's a problem for police or law enforcement to work out if that is an attack or not," said Patrick Adiba, executive vice president at Atos for the Olympic Games and major events.

For hackers, a gold medal attack would be to light up Olympic scoreboards with politically-motivated messages, a feat Adiba says would be almost impossible to achieve.

"It is very unlikely, as it all operates on a very secure network. It would be quite complicated to get into this network without being detected," he said. "It can never be 100 percent, but it is close to 100 percent."

Adiba insists the threat from cyber-attacks to the overall running of the games can be managed.

"For us, if some of our staff get food poisoning the day before the competition, it's a bigger threat than a cyber-attack, because you don't have the people to operate systems," he said.

However, Britain's minister responsible for cyber terrorism, Francis Maude, warned in May that the Olympics would "not be immune to cyber-attacks by those who would seek to disrupt the Games."

So far, concern has focused mainly on online fraud related to ticket sales. Britain, however, has said it is also wary of the threat from "hacktivist" groups mounting attacks to highlight particular political or social causes.

U.S. authorities noted last winter that Iranian hackers defaced the website of Azerbaijan's National Olympic Committee, posting anti-Israeli comments.