When eleven-time U.S. Olympic medalist Mark Spitz said “If you fail to prepare, you’re prepared to fail,” he was talking about Olympic athletes, but the same could be said of cybersecurity professionals in the lead-up to the 2018 Winter Olympics, hosted in Pyeongchang, South Korea.
For more than a decade, state-sponsored, hacktivist, and criminal cyber activities have been mainstays of the world’s premier sports event, and we’ve already seen evidence of Olympics-related cyber-espionage and cybercriminal operations in 2018. Here's what network defenders should watch for this year.
The Olympics attract the eyes of the world, a fact that drives many governments to seek advance warning of incidents that may cast them in a negative light during the event. Athletic organizations, foreign government organizations, and media outlets are just a few examples of organizations that may be targeted for this information. Alleged Russian government hackers are suspected of having targeted Olympic organizations for this purpose during the 2016 Rio Olympics and now again during the run-up to 2018’s Winter Games.
The Games also provide ample opportunity for state-sponsored actors to target visiting politicians, executives, journalists, and other individuals who may be sources of intelligence on a variety of topics. Compromised hotel and public WiFi networks, and even intrusions into major network infrastructure, can be used to spy on high-powered Olympics visitors. Reports from late December 2017 of Olympic organizations receiving malware-laced phishing emails suggest that traditional cyber espionage may already be underway. However, most cyber espionage will likely remain in the shadows, perhaps coming to light only well after the operations end.
Russian information warfare often attempts to drag down adversaries by embroiling them in controversy. Olympic organizers appear to be in the crosshairs of such operations following allegations of doping by Russian athletes. Fancy Bears’ Hacking Team (FBHT)—a hacktivist organization allegedly associated with the Russian government—has repeatedly leaked confidential data from multiple Olympics organizations, beginning in the lead-up to the 2016 Summer Olympics in Rio and continuing to the 2018 Winter Olympics. The leaks appear to be an attempt to undermine the legitimacy of Olympic regulatory bodies and portray Russia as the true victim of a sporting regime built on hypocrisy. FBHT’s latest attempt to stir the pot may extend past the conclusion of the 2018 Games.
3. Cybercriminals Could Prey on Fans Using Olympics-Themed Lures
The Olympics present cybercriminals with a massive audience primed for social engineering. Opportunities abound to lure fans into unwittingly installing malware on their devices, disclosing sensitive information (e.g., credit card numbers, login credentials), or falling prey to a host of other nefarious schemes. In past Games, cybercriminals have deceived victims with Olympics-themed phishing emails, fake malware-hosting Olympics “live streaming” websites, and Olympics-themed malicious mobile applications. It’s highly likely that these tactics will prove equally attractive during the 2018 Winter Games.
On the ground, an influx of unsuspecting Olympics spectators provides cybercriminals with an enticing target. Rogue Internet hotspots, compromised ATMs and point-of-sale systems, and compromised hotel and public WiFi networks are just a few of the proximity-based cybercriminal tactics that we expect to be employed in Pyeongchang. During the 2016 Rio Olympics, security researchers discovered multiple phony wireless networks distributed throughout the city, many presumably set up to compromise users.
4. Issue-Driven Olympic Hacktivists: A Sporadic Threat
Hacktivist attacks against the Olympics, sponsoring organizations, and even organizations not directly affiliated with the Olympics remain a possibility. The threat, however, is sporadic, non-persistent, and largely issue-driven, meaning that hacktivist attacks may arise with little notice but will probably be relatively short-lived. Attacks may be directly related to the Olympics or come in response to completely unrelated geopolitical, economic, or social issues. In one example, Chinese hacktivists launched a DDoS attack against the Australian competitive swimming association in 2016 after an Australian athlete called a Chinese competitor a “drug cheat.”
We consider it unlikely that cybercriminals will use completely new, highly advanced tactics to target victims during the 2018 Olympics. Observed activity from previous Olympics suggests that spear-phishing emails, email-attached malicious documents, and links to credential phishing pages will be used to initiate most cyber attacks. In fact, this is a trend that we are already seeing unfold in the run-up to Pyeongchang.
Network defenders need to remain vigilant against proven network intrusion tactics during the Games, and network users should give extra scrutiny to website links or email-attached documents that reference the Olympics. Travelers to the Olympics can reduce the likelihood of some Internet-based attacks by using virtual private networks (VPNs) when connecting to unknown networks, or by avoiding free, unsecured public Internet hotspots altogether.
Get a full picture of this year's most likely threats plus a list of malicious domains, MD5 hashes, and other indicators of compromise associated with this year's Olympic games.