“Atos Origin successfully protected Torino Winter Olympic Games IT Infrastructure”
Paris, 23 March 2006
Atos Origin, the Worldwide Information Technology (IT) Partner for the Olympic Games, today announced that the IT Security solution built into the Torino 2006 Olympic Winter Games IT infrastructure prevented any attacks from viruses and hackers ensuring that there was no disruption and that the results were relayed to the world and to the media accurately and on time.
During the 16 days of competition, an average of 3,100,000 events were processed by the security logging & monitoring systems per day. After processing by aggregation, correlation and/or triggering rules 49,000 events were escalated daily, out of which 158 major events and 10 critical were recorded, and NO Impact on the Games network was reported. The IT team was able to respond in a timely manner to all the critical alerts and prevent unauthorized access to the Games' network.
"Atos Origin was able to effectively and efficiently manage the large number of IT security events that were recorded during the Games to ensure that there was no disruption to the Games IT infrastructure," said IOC Technology Director, Jean-Benoît Gauthier. "Our Worldwide IT Partner deep experience with past Olympic Games allows them to bring unmatched insight into how to protect the vital IT operations that make the Olympic Games possible."
Based on a risk assessment involving 52 attack scenarios, Atos Origin has designed and implemented strong preventive and detective measures that ensured the protection of the Games infrastructure against potential IT security breaches. These controls include:
- Access control: only authorized systems and people can connect onto the Games network. Access control mechanisms have been implemented at the Network, Operating System and Application levels.
- Network segmentation & segregation: the Games network has been segmented into different logical networks in order to control and monitor the flow of data going from one service to another. This architecture allows to restrict and contain any potential intrusions.
- Centralized identity management: this solution has been implemented to efficiently and securely create systems accounts for Technology staff and users. This activity has required the definition of more than 200 different roles and associated access needs.
- Centralized real-time security monitoring: real time environment requires real time monitoring and as such, Atos Origin has designed and implemented a solution to generate, collect, filter, aggregate and correlate millions of security events a day. All these activities are performed in real time in order to allow the IT team to react to potential security incident in a timely manner.
Through extensive testing before the Torino Winter Olympic Games, the IT security team has been able to understand what was “normal behaviour” within the Games systems - application, network traffic, etc - in order to adapt the security controls and detect abnormal activities. Atos Origin has also extensively trained the entire IT team in IT security policies and procedures, that define the rules protecting the Games' IT infrastructure. At Games' time, the IT security team was operational 24x7 in order to detect and respond to any incidents that occur, day or night.
Intrusion attempts included accredited people trying to unplug Games systems, such as INFO2006 terminals in order to connect their own laptops, and users attempting to log in with administrative accounts. From the Athens 2004 Olympic Games to the Torino 2006 Olympic Winter Games, the IT security challenges were the same: control the activity inside the Games network.
"In an environment providing real time information to media, any security incident, triggered with malicious intent or not, can have disastrous consequences," said Patrick Adiba, executive vice-president Olympic Games and Major Events at Atos Origin. "For a highly visible event like the Olympic Games, the challenge of IT security is not only to prevent unauthorized people from accessing the systems but to control the activity of authorized people inside the Games Network. Using risk management as a starting point, we were able to correlate and filter security alarms to identify and manage the most critical security events".
The Atos Origin contract with the International Olympic Committee (IOC) is the largest sports-related IT contract covering: Salt Lake City in 2002 (operating as SchlumbergerSema); Athens in 2004; Torino in 2006; Beijing in 2008; Vancouver in 2010; and London in 2012. Atos Origin has primary responsibility for Information Technology, relating to IT consulting, systems integration, operations management, information security and software applications development for the Olympic Games.
About Atos Origin
Atos Origin is an international information technology services company. Its business is turning client vision into results through the application of consulting, systems integration and managed operations. The company's annual revenues are EUR 5.5 billion and it employs over 47,000 people in 40 countries. Atos Origin is the Worldwide Information Technology Partner for the Olympic Games and has a client base of international blue-chip companies across all sectors. Atos Origin is quoted on the Paris Eurolist Market and trades as Atos Origin, Atos Euronext Market Solutions, Atos Worldline and Atos Consulting.
For further information, please contact:
Tel: +33 1 55 91 24 74
Tel: +33 1 55 91 26 33