With more than 11,000 athletes from 206 countries participating, the world is watching the delayed Tokyo 2020 Olympic Games with great enthusiasm. But, unfortunately, while the Olympics showcases the very best in sporting talent, it also has a history of attracting cybersecurity threats from those seeking to cause politically motivated harm, make easy money, spread mass panic or undermine the prestige of the host nation on an international stage.
One such instance occurred during the 2016 Rio Olympics when attackers targeted the ‘World Anti-Doping Agency’ and the ‘Court of Arbitration for Sport’ to obtain drug test results, leak them publicly and attack their websites. This leak also included sensitive information about the athletes to damage their professional careers and reputation.
Tokyo 2020 has also experienced a data breach resulting in the usernames, bank details, addresses, and passwords of ticket holders and event volunteers reportedly being compromised and leaked online. While the Japanese Government officials claimed that the damage was not severe, the breach was an unwelcome start to such a grand event.
Italian cybersecurity expert Stefano Zanero reported another security failure in a tweet that says, “The next time you hear talk of very sophisticated security policies and products, you can comment with this video.” The video shows a surprising incident during the airing of a volleyball game, when a TV commentator asked for the credentials to his computer. Not realizing they were live on air, his colleague said the password out loud.
The Japanese government has done its homework to prepare for such cyberattacks. They trained over 200 white hat hackers from Japanese ICT firms and carried out simulated attacks in cities and rural areas to give them real-time experience.
Our research team has identified five possible threats that might endanger the credibility of the Tokyo 2020 event.
A ransomware attack has the potential to cause massive disruption. Given the hype and commitment around the Olympic Games, any host nation would be under tremendous pressure to succumb to ransomware demands. If held hostage, the priority would be to allow no interruptions, ensure continuous global broadcasts, and get all critical services back online as quickly as possible.
To prepare against such attacks, the organizing committee can ensure proper data backups are in place in addition to general security measures. This action will help restore the information securely in case of such an attack, making it available on-demand. Most often, we find that backups are unable to help when needed. So, in addition to backup policies and systems, it is imperative to regularly test these backups by restoring data and ensuring that it is reliable.
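A restore test of the kind described above, as an added example that is not part of the original article: it records a SHA-256 manifest at backup time, restores the archive into a scratch directory, and reports every file that is missing, unexpected or altered. The function names, file names and sample data are assumptions constructed for illustration.

```python
import hashlib, tarfile, tempfile, zlib
from pathlib import Path

def manifest(root: Path) -> dict:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def take_backup(source: Path, archive: Path) -> dict:
    """Archive `source` and return the manifest recorded at backup time."""
    recorded = manifest(source)
    with tarfile.open(archive, "w:gz") as tar:
        for rel in recorded:
            tar.add(source / rel, arcname=rel)
    return recorded

def verify_restore(archive: Path, expected: dict) -> list:
    """Restore into a scratch directory and list every discrepancy found."""
    # Use the safe extraction filter where this Python version provides it.
    opts = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tempfile.TemporaryDirectory() as scratch:
        try:
            with tarfile.open(archive, "r:gz") as tar:
                tar.extractall(scratch, **opts)
        except (tarfile.TarError, OSError, EOFError, zlib.error) as exc:
            return [f"archive unreadable: {exc}"]
        restored = manifest(Path(scratch))
    problems = [f"missing: {f}" for f in expected.keys() - restored.keys()]
    problems += [f"unexpected: {f}" for f in restored.keys() - expected.keys()]
    problems += [f"hash mismatch: {f}" for f in expected.keys() & restored.keys()
                 if expected[f] != restored[f]]
    return sorted(problems)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as work:
        src = Path(work, "ticketing")            # constructed sample data
        (src / "db").mkdir(parents=True)
        (src / "db" / "orders.csv").write_text("order_id,seat\n1001,A12\n")
        (src / "site.conf").write_text("listen 443\n")
        archive = Path(work, "nightly.tar.gz")
        recorded = take_backup(src, archive)
        print("intact:", verify_restore(archive, recorded))
        archive.write_bytes(archive.read_bytes()[:60])   # simulate a damaged copy
        print("damaged:", verify_restore(archive, recorded))
```

Storing the manifest separately from the archive means a damaged or stale backup cannot vouch for itself.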
In 2018, malware dubbed Olympic Destroyer hit select networks and Wi-Fi systems at the Winter Games in Pyeongchang, forcing the closure of the official website and leaving many spectators unable to print their tickets. The possibility of such attacks during Tokyo 2020 cannot be ruled out.
The best way to beat malware attacks is to deploy multiple anti-malware technologies, such as endpoint detection and response (EDR), email malware filtering, web malware filtering, and other such systems which use a combination of signature-based and behaviour-based detection techniques. In addition, multi-layered attachment scanning, including static file analysis, sandboxing, and safe file conversion, has proven to be effective.
Distributed Denial of Service (DDoS) attacks are sophisticated assaults where cybercriminals make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting the services of a host connected to the internet. We saw a similar attack during the Rio 2016 Olympics.
Detecting and preventing DDoS attacks requires a combination of ISP-supported and on-premises technologies that use a wide variety of traffic and protocol anomaly detection techniques to determine whether the incoming traffic is genuine or not.
Phishing is a commonly used tactic in which cybercriminals assume fake digital identities to trick organizers, spectators, and participating athletes into sharing their private and personal information. This can then lead to unsolicited requests and ransomware installation. Such attacks usually happen when people trust and accept links from unidentified sources, such as friendship requests or email attachments.
Ironically, the solution is also pretty simple. We must train all involved individuals to spot and report suspicious calls, emails, chats, and connection requests. Email security technologies have also improved to automate the detection of phishing emails. Still, the best defence is user awareness.
It is an open secret that organized criminals and cyber terrorists may attack the Olympic games to obtain instant media attention to further their cause. With high stakes involved due to multiple organizations, countries, political leaders, and the massive audience it attracts, Tokyo 2020 has the potential to become the stage for such State-Sponsored Attacks.
Any successful attack could have severe ramifications and may even temporarily disrupt the proceedings.
Mitigations and Recommendations
- Start with the basics. Ensure all users in the system have unique credentials. Follow strong password practices and have Multi-Factor Authentication (MFA) enabled.
- Get all devices on the network inventoried, documented, patched constantly, and hardened against faulty configurations.
- Deploy a Security Incident Event Management strategy to be prepared in the event of a possible attack. Combined with an experienced team of security analysts, incident responders, and threat hunters, this would provide tremendous detection and response capabilities to the Games.
- Deploy multiple layers of malware protection technologies at endpoints, email gateways, web gateways, etc.
- Take backups and test these backups on a regular basis.
- Train all stakeholders on cybersecurity best practices. Run end-user cybersecurity awareness initiatives.
It is safe to say that no event is cyber-attack proof. But no cyber-attack is unpreventable. With careful organization and mindful implementation of security measures, Tokyo 2020 can indeed aim to be a cyber-attack-proof event amongst the major sporting events of this decade.