By Marguerite Reardon
Friday, July 23 2004 11:23 AM
URL: http://www.zdnetasia.com/news/security/0,39044215,39187792,00.htm

Terrorism isn't the only security threat officials are worried about at this summer's Olympic Games in Athens. They're also concerned about viruses and worm attacks that could cripple the Olympics' data network.

"Our biggest concern is that somebody could intentionally or by mistake infect one of the networks and create severe damage," said Jean Chevallier, executive vice president at Atos Origin, the Paris-based company in charge of building the data and broadcast networks for the Olympic Games in Athens. "We don't want any type of traffic incident that could delay the posting of results or slow the network in any way," Chevallier said.

Atos, which first took charge as the primary systems integrator for the Olympic network for the Salt Lake City Games in 2002, has a contract with the International Olympic Committee to build networks for the 2006 Winter Olympics in Italy and the 2008 Summer Olympics in China.

Chevallier said network security was also a big concern in Salt Lake City but that in the past two years, the emphasis has changed. The Olympic Games in 2002 were only six months after the terrorist attacks on Sept. 11, 2001, in New York and Washington, D.C.

Chevallier said his team worked around the clock to add last-minute security to ensure that confidential information about athletes and officials was protected.

Since then, concerns about confidentiality have shifted to worries about the growing number of virus and worm attacks. According to data from the FBI, about 82 percent of U.S. businesses were attacked by a virus in 2003, resulting in more than US$200 billion in losses.

In addition to installing antivirus and intrusion detection products, Atos made some big architectural changes. The most important change is that it cut off access to the Internet from the network, because many viruses enter local networks through Web or e-mail connections.

Atos also established more sophisticated virtual local area networks, or VLANs, on the network. It chose a new network monitoring tool from Computer Associates that tracks, logs and prioritizes alerts on these separate VLANs. Because the VLANs are completely isolated from one another, if security is breached in one part of the network, it won't affect other parts of the network.

Olympic organizers in Athens have been criticized for falling behind schedule on a number of projects, including the construction of several sports venues. But Chevallier said the data network his team assembled is ready for action when the Games begin Aug. 13.

On Monday, Atos announced that it had completed the final technical rehearsal of the IT systems, communication, sports, security, venue management and press operations to ensure the readiness of the staff and technology.

Roughly 300 different crisis scenarios were tested during a one-week period, including information security issues--such as uncontrolled access to the data network and computer viruses--power outages, equipment failures and rescheduled sports events.

"I can tell you with confidence that there are no issues with any of the IT or communications networks," Chevallier said. "There may be other problems with moving machines, getting the right people in the right places, making sure there is power, parking, etc. But the network is in good shape."

The technology team was put to a real crisis test earlier this month, when all of Athens and the rest of southern Greece suffered a power blackout that lasted several hours. Electrical generators had not yet been installed in many of the venues, but Chevallier said that by opening day, generators will be available in case other problems occur. Greek officials are still investigating the cause of the blackout.

"The blackout was an interesting case for us," he said. "It was a good lesson for our people."