With the Winter Olympics in full force since its opening ceremony on 9th February, the unwarranted issue of a cyber-attack on the main Pyeongchang 2018 website caused a pandemonium amongst users who weren’t able to access any information or even print their tickets for the various events. The cause may, however, be controversially linked with the Russian Olympic committee’s involvement in the same since they were banned to be a part of the games, another area that gets highlighted here is of the growing importance of security testing.
Cyber-attacks have become so recurrent in this era that it makes organizations highly aware of the standards that they need to comply with along with maintaining a secured platform. For this, the essentiality of independent testing organizations increases ever so in propelling these websites towards a rigid security compliance. With pen testing as a major to-do, websites need to ensure that they go through the whole testing effort and minimize the vulnerabilities from the very beginning itself. Be it a political invasion or any other form of malicious, unauthorized access, huge corporations should be vigilant to not make this a roadblock for users. Since it wasn’t just the website that suffered an attack, the internet and public WiFi at the venue had shut down as well, during the ceremony. This essentially points out to how vulnerable can the public internet be and the channel of control that needs to be taken into consideration to avoid such attacks. Along with conducting a thorough VAPT, compliance with standards such as PCI DSS becomes a must since users today need to have a secure online payment gateway for all the digital transactions.
John Green’s quote, “we can’t know better until knowing better is useless”, seems very apt in such a scenario since paying little heed to security proves to be diresome post the consequences. Applications, indeed, need to go through a deliberate testing effort for performance or accessibility, but turning a blind eye towards security isn’t the right choice. Users, on the other hand, need to be conscious as well in proceeding with unprotected transactions or downloading malware-affected applications via a public internet platform. With a handy checklist of the approach to be followed along with the security compliances that need to be kept in mind the games should thus, begin!