IT boss Gerry Pennell says Olympic infrastructure can defeat cyber terrorists
IT chiefs in charge of cyber security at the London 2012 Olympic Games believe the infrastructure in place will make it difficult for attacks, particularly of the DDoS variety, to succeed.
Earlier this year Gerry Pennell, CIO of the London 2012 Olympics told CBR that the high profile nature of the event means that an attack is inevitable. "We will be the target of a cyber attack. It’ll happen for sure," he said, adding that his team and its partners were working to ensure the systems could stand up.
Now, with the Games less than a year away, Pennell says he is confident a cyber attack will not succeed in bringing down the Games’ IT systems.
"We will be using a content distribution network to push data out, which means our dependency on a central host architecture is much lower. What that means is that it is very hard to launch a distributed denial of service attack (DDoS), simply because our front-end is so dispersed," he said.
"We designed our approach to information security into our architecture from the beginning," Pennell continued. "We keep mission-critical Games systems, such as anything to do with distributing results, quite insulated from other components of the network, particularly anything web-facing, thus making it extremely hard for an external attack to succeed."
Pennell was speaking at the launch of the Technology Operations Centre (TOC) in London’s Canary Wharf, where the systems that control the delivery of results of all Olympic events will be monitored and controlled.
It will house a permanent staff of 450, made up of Atos employees, staff from the London 2012 Technology team and other partners, who will work in shifts of 180 staff to ensure the operation is monitored 24/7, Pennell said.
Pennell said the team there is going through an extensive period of testing – one that will continue until just a few months before the Games begin. Eighteen test events have so far been completed, with a further 42 to go.
In March and May of next year two three-day test events will be held, when the team will simulate hundreds of worst-case scenarios to test the readiness of the team and systems. These could range from a DDoS to a physical attack at the TOC to someone unplugging a cable, Pennell said.
Pennell said: "The test will be first, to see if the resilience we’ve built in to our system does what it’s supposed to do in terms of automatic backups and so on, and second, does the operation itself respond to those problems in the way it needs to?"
He also added that the team was working on developing mobile apps for Android, RIM, Apple’s iOS and Windows Phone to deliver live, up to date results to users and to help guide people around the various venues in London and around the UK.