Print
Discuss
Send to friend
RSS feeds
With a little over two months until the 2004 Olympiad flies off the starting blocks, systems integrator Atos Origin - the company responsible for managing the world's largest sports technology project - insists that no Trojan, worm or virus will bring the games to a standstill.
But with 10,500 computers, 450 servers, 450 Unix boxes, 4,000 results terminals and a predicted 200,000 security alerts a day, the IT organisers face an Olympian challenge of their own.
Builders might be working around the clock to finish the roof on the main stadium, but most of the IT projects have been finished for months and are now undergoing 200,000 hours of testing, using 5,000 test cases.
Around 10,000 defects will be found and corrected prior to the Games, with a team throwing everything possible at the systems to test their resilience to all considered IT security threats.
Each system has at least two cloned back-ups should the original fail, and even the top secret data centre, which will retain all the Games information, has a twin hidden in a remote location outside Athens capable of protecting the systems even in the wake of an earthquake.
A big factor ensuring that systems are not attacked is Atos' decision to plug any possible point that could bring a security breach, both physical and virtual.
The firm is stripping out possible intrusion points into the network in its 10,500 Olympic PCs, including USB ports and floppy disk drives, and is deploying antivirus, firewall and intrusion detection devices.
But what about human errors or physical attacks? Every volunteer and member of staff is being security checked by the Greek authorities, and only then issued an Olympic accreditation pass which has a photo ID and a barcode containing information on privileges and access rights.
Only those who are supposed to be using a specific PC or application will be authorised to do so.
Not even the top IT security team can be nobbled, according to Yann Noblot, Atos' information security manager. No one person will have access to the entire technology infrastructure, with 218 different system profiles set up to limit access.
But despite all the planning, what will happen if the Olympics IT infrastructure is hit by a catastrophic attack?
As the UK coastguard saw with the recent Sasser worm, no amount of advanced planning can save you from what you cannot predict or least expect; how can you fight what you cannot see?
This is why it is vital that the Olympic IT team also builds contingency plans to resurrect the system should it be targeted.
The 2004 Olympics will be the biggest event on the globe with the whole of the world's media scrutinising every detail.
Horrible as it is to imagine, it will be the prime target for all terrorists - both physical and cyber - looking to make a name in the history books for all the wrong reasons.
Looking at past attempts at Atlanta and Salt Lake City, it seems almost inevitable that someone will try and bring down the system. But Atos has contingency plans in place to isolate sick parts of the IT infrastructure and make venues run on standalone if needs be.
My biggest concern is that, despite all the security checks, a human Trojan Horse - one of the 2,000 volunteers invited to use the IT during the games - will be the greatest risk to the system.
After all, the man who recently caused mass hysteria in the House of Commons with his powder attack was invited in by a member of the Lords.
Let's just hope that the people authenticating the staff behind the games are just as diligent as the firm managing the technology.
del.icio.us
Digg this
reddit!
