AOH :: ISNQ4950.HTM

Britain teams bound for Beijing put on alert as hackers spark web of intrigue




Britain teams bound for Beijing put on alert as hackers spark web of intrigue
Britain teams bound for Beijing put on alert as hackers spark web of intrigue



http://www.timesonline.co.uk/tol/sport/more_sport/article3048428.ece 

By Owen Slot
Chief Sports Reporter
The Times
December 14, 2007

Computer hackers in China have broken into the information databases of 
the governing bodies of two British Olympic sports and, The Times can 
reveal, the Olympic family in the UK has been alerted that, with the 
Beijing Games less than eight months away, those threatening their 
security may be doing so to gain an illegal competitive advantage.

The first sport targeted was GB Canoeing, which was hit in October. The 
other Olympic sports in Britain were immediately informed, but the IT 
system of the Amateur Boxing Association of England (ABAE) was then 
subject to eight attacks over a three-week period and two investigations 
have traced all this activity back to internet protocol (IP) addresses 
in China. This wasnt kids mucking around, Paul King, the ABAE chief 
executive, said. This was a real professional job.

Fears that these crimes may have been staged to steal information to 
help the perpetrators in the Games next summer were confirmed on 
Wednesday in an e-mail seen by The Times, which was part of the report 
delivered by Synergic UK Ltd, the IT partner of GB Canoeing that carried 
out the investigation into the attack on the website.

The report said: In this case the source was China and the type of 
attack highly sophisticated and targeted. Fortunately, the servers 
involved held no performance data and it is our belief that this was the 
information being sought.

The review by Synergic into the security of the GB Canoeing websites 
servers worryingly exposed a lack of understanding of data security 
issues and the very real threats posed in the run-up to and in the Games 
themselves. It also advised that it is vital that staff are aware that 
there is a genuine threat to and indeed focus on gaining access to 
information that could be of help to the competition.

GB Canoeing and the ABAE are confident that no critical information has 
been stolen. Paul Owen, the chief executive of GB Canoeing, said that if 
such information was what the attackers were after, they were looking in 
the wrong place.

King, however, explained that the attack on the ABAE systems, if more 
successful, could have been costly from a competitive point of view. We 
have all our individual assessments for all our boxers their strengths, 
their weaknesses stored on our system, he said. We also hold information 
on the international competition.

Take Alexey Tishchenko [the Olympic champion from Russia], for instance, 
who Frankie Gavin [the British lightweight who has qualified for 
Beijing] beat in the World Championships recently. No one had beaten him 
for four years and our postfight analysis what we did to beat him that 
no one else had done might well be useful.

Despite the security investigations, no one can be sure of the motives 
of the hackers or even their origin. And because the IP addresses were 
Chinese does not necessarily rule out the possibility of another foreign 
national working from a Chinese address. Indeed, the systems were 
subject to viruses and may simply have been a victim of sabotage, 
although the fact that two Olympic bodies were targeted within such a 
short space of time has fuelled fears that this may be a crime of a 
sporting nature.

The British Olympic Association (BOA) confirmed yesterday that it has 
been sufficiently concerned to have informed the IOC. Attention was 
drawn to us about this situation, Simon Clegg, the BOA chief executive, 
said. I thought we had a responsibility to share it with the Olympic 
family. It is a real danger when you consider how much information is 
held electronically. I simply dont know who is behind this, but I am 
concerned about the amount of information we hold in this way.

Owen said: We were concerned that data had been downloaded and taken 
away, but we do not believe that that has been the case. And we 
naturally think it might be someone trying to get into our Olympic 
intelligence, though we have no evidence to believe that. Ill actually 
be more worried about when we get to Beijing next summer. Will the 
phones be tapped?

This is not the first time that Britain teams have had such a brush with 
next years hosts. The sailing team the leading international force in 
their sport have not had equipment returned to them that was confiscated 
by the Chinese authorities in March.

They have been renting a house in Qingdao, the sailing venue, throughout 
the past year and, as is their standard practice, had installed 
equipment to monitor weather patterns. What concerns them is not so much 
the value of the equipment but the value of the data to which they no 
longer have access. Despite requesting its return, the equipment has not 
been given back.

To add to that, when they were in Qingdao for the preOlympic test event 
in August, they discovered that Chinese officials had been looking 
around their accommodation during daylight hours when they were out on 
the water competing. The team even had security staff on the door of 
their house, but one of the visitors happened to be the Mayor of Qingdao 
head of the organising committee for the sailing event who insisted that 
he be allowed in.


Spies like us

Sports have long resorted to espionage to get the upper hand on rivals.

* In the Americas Cup, the keels of boats are covered in skirts to 
  prevent other teams from noting their design. In 1983, guards chased 
  away American divers who had tried to take a peek at the keel of 
  Australias entry.

* In 2001 it was alleged that the Lions rugby team had been spied on 
  during their tour to Australia. Before the 2003 World Cup final, the 
  England changing-room was swept for bugging devices.


__________________________________________________________________      
Visit InfoSec News
http://www.infosecnews.org/ 

Site design & layout copyright © 1986-2014 CodeGods