London 2012

Share

Related Links

Related Stories

  • The Olympics: Users must protect their own cyberspace
    In a report partly drawing on the Mansion House speech earlier this week by Jonathan Evans, head of the UK Security Service, the Associated Press has delivered an analysis of the astonishing level of government security being used to protect the London 2012 Olympics.
  • Preventing an Olympic-sized Disaster
    With the London 2012 Olympics almost upon us, Stephen Pritchard looks at the wider impact that the Games may have on London and the UK’s infrastructure. He finds that networks, businesses, transportation and remote working are all causes for concern
  • Millions apply for Olympic tickets despite site crash
    Around 20 million tickets for the London 2012 Olympics were applied for on Tuesday night despite a surge in demand causing the site to crash.
  • Olympic ticket sales website glitch affects Visa cardholders
    As applications for tickets for the London 2012 Olympic Games opened, some Visa card users were unable to register after a payment system glitch on the ticket website.

Top 5 Stories

News

RSA Europe 2013: The Lessons BT Learnt from Securing London 2012

30 October 2013

The lessons learnt from securing the digital infrastructure at the London 2012 Games have given BT a better understanding of how to do cyber defence, said Mark Hughes, CEO of BT Security in his keynote at RSA Europe today

Hughes reflected on an “astonishing summer as one of the sponsors of the most digitally connected Games ever” and shared some of the key challenges with the audience. While he declared “flawless execution with no breaches or downtime”, he admitted that beneath the surface “there was a lot of paddling going on and an extraordinary amount of attacks being attempted.” More specifically, the following was detected:

  • At least one hacktivism campaign each day
  • 2.31 billion counterpane events analysed = 77 incident tickets
  • BT prevented 11,000 malicious requests per second
  • 212 million malicious connection attempts blocked
  • On August 4th, ‘Super Saturday’, 128 events were detected

“You may think that no-one wants to hurt the Games, but there are plenty of people out there that wanted to disrupt the Games and our services, and we needed to ensure we have the right people and processes in place and the ability to react and respond.”

Service availability was BT’s top priority, which meant a strong focus on DDoS attacks and threats that would have an effect on service. With an infrastructure the size of a medium-sized town, and four networks to be responsible for: broadcast network; network for timing and scoring; network for Olympic family and the organisers’ network, “failure of service was not an option. It even said so in our SLAs”.

The 2012 website was also the responsibility of BT and the fifth most visited site in the world during the Games (with 39.6 billion page views). Site stability and dense and effective WiFi hotspots were crucial to the success.

With seven years to design the infrastructure and security, Hughes declared the time both an advantage and a challenge, “A lot of changes will happen in seven years so you need flexibility in design.” Many BT customers in hindsight said they wished they had been better prepared and increased their network capacity.

Lessons Learnt

Experiences and challenges from the Games allowed BT to “re-consider how we do defensive and protective operations.” One lesson which Hughes highlights as particularly significant is that “it’s as much about having the right people and processes in place as it is about having the right technology and censors.”

Hughes stressed the importance of data analytics and real-time defence. “Our cyber defence operations team understands what our critical assets are, the risks, and our network infrastructure.”

During the Games, there was an increase in phishing and DDoS attacks. These threats, Hughes said, have continued. “Cybercrime motivations are more financial than ever before, and focussed attacks are more popular these days. What we learnt from 2012 has given us a much better understanding of how to secure things within BT.

“There is also a huge amount of scope in the industry to automate and analyse more data in real time and turn that into action”, Hughes concluded.

 

 

This article is featured in:
Application Security  •  Internet and Network Security  •  Malware and Hardware Security  •  Security Training and Education

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×