The Olympic Cyber Defense Games: How the Tokyo Olympic Games will fare keeping cyber attacks at bay while the world watches
Thanks to the COVID-19 pandemic, the whole world watched as the International Olympic Committee (IOC) postponed the Tokyo Olympics in 2020. Fast forward a year and the change in sentiment -- from excitement to weariness -- is palpable in Japan and the rest of the globe. In fact, over 70 percent of the country wanted the IOC to cancel the games outright. And a resurgence of COVID cases throughout the country effectively cripples Japan’s ability to create revenue streams through international tourism and event attendance, resulting in an inevitable hit to its economy. But the IOC insists on pushing forward, as the Olympic Games are a symbol of unity and resilience.
Like the IOC, however, cybercriminals will charge ahead too in their own race to potentially disrupt the Olympic games. Ultimately, it isn’t a matter of "if" they’ll succeed in doing so, but "when" and how much damage it will cause. It takes a collective of lawmakers, government officials, and the security and IT teams assigned to maintaining the games’ online infrastructure to ensure that proper measures are in place to deter any cyber attacks and disruptions long enough for proceedings to cross the finish line. What sorts of threats do the Tokyo Olympics face; where will those threats stem from; and can previous history lessons effectively inform present-day defense tactics?
Tokyo Games in the Crosshairs?
The Tokyo games are an attractive target for attacks from a number of sources, ranging from nation states to cybercriminal gangs. Russia is allegedly no stranger to disrupting Olympic proceedings, as it allegedly did during the 2018 Winter Games in South Korea with an attack (i.e. Sandworm’s Olympic Destroyer malware) that disrupted the games’ IT infrastructure consisting of thousands of endpoints and routers, alongside hundreds of servers in various data centers.
Russia’s retaliation against the World Anti-Doping Agency (WADA) could also be a threat vector, with the Cyber Threat Alliance (CTA) assessing that the country’s APTs would target WADA to steal athletes’ personally identifiable information (PII) and medical history, thereby undermining the organization’s ability to maintain data safety and integrity. And recent activity out of China suggests not only the ability to massively compromise IT and email servers to steal data, but also that Japan’s critical infrastructure could be an attractive target as well. Given the increasingly connected nature of the Tokyo Games in lieu of spectators, alongside increasing demand for broadcasts of ongoing event coverage, logistics and infrastructure providers could also be at risk.
What’s the Plan Then?
Although it’s impossible to ensure foolproof protection during the Tokyo Games, Japan did take steps ahead of proceedings, shoring up resources to create an incident response plan, educating the public about potential cyber threats and taking steps to strengthen and enforce the 2014 Basic Act on Cybersecurity. The country also formed a dedicated council to address Olympic-related cybersecurity issues and to prioritize security in the private sector, assessing ISPs’ users and hardware for vulnerabilities. Although Japan’s prep plans have hit snags along the way and there have already been reports of a data leak that compromised event ticket buyer PII -- occurrences that aptly illustrate the deep impact of human error as it pertains to security -- the country’s preemptive prep measures are still vastly important.
Vigilance and continued education of the general public are key. The Tokyo games will continue to be a lucrative target for cyber criminals, while a resurgence of COVID cases and the destruction of major revenue streams (e.g. tourism, travel, retail) position Japan and the IOC as lucrative victims for bad actors. Japan must cover its bases on every level, down to generating more awareness among citizens. The average person can become an attractive target for cybercriminals for financial reasons, as well as an entry point to infiltrate and elevate their way to larger corporate networks through connected devices used by remote workers.
What Should the People Know?
There will likely be many fake, fraudulent websites or emails that appear official -- a common occurrence during major sporting events. They’ll seem like attempts at free merchandise or links to stream the games, but these sorts of scams can result in theft of credentials, passwords, credit card information and more. They can also infect smartphones or computers with malicious software or ransomware. The latter becomes a very dangerous scenario given how often the average person uses personal devices to access company networks. The unknowing victim can likely spread that malware further, resulting in continued data loss or major financial impact.
It’s also important to be cautious of any links or messages from friends on social media. Avoid clicking on suspicious emails and links, and use the latest web browsers. Do not enter credentials, passwords or credit card info into questionable websites, as there will be a high probability that it’s a scam. Finally, use a password manager to help move passwords into the background, ensure all accounts have strong, complex passwords and enable multi-factor authentication to limit unauthorized access to endpoints.
In the end, the relentless nature of attackers is absolute, but a mature capability for early detection of threats along with in-depth educational initiatives for the public at large is invaluable for mitigating the damage that cyberattacks can truly do in the long run.
Joseph Carson is Chief Security Scientist (CSS) & Advisory CISO at ThycoticCentrify.