The top five cybersecurity threats facing the Tokyo 2020 Olympic Games and how they could disrupt events, halt broadcasts and expose sensitive data
The Tokyo 2020 Olympic Games, which officially begin today, aren’t going to look anything like the Olympic Games that have gone before.
Since no spectators are permitted at the live sports, this is likely to be one of the most streamed events of the year, with millions of people watching from home.
It isn’t just the spectators; many broadcasters are operating remotely as well, and this makes the Games a very attractive target for cybercriminals who exploit the vulnerabilities that come with a separated workforce.
These attacks can have very real-world consequences. Athletes who have trained their whole lives for these Games could miss their event if the computer networks are down. World record performances could be missed by those watching at home.
So, what are the main cybersecurity threats that face the Tokyo 2020 Olympic Games?
Ransomware
Ransomware has been grabbing headlines lately and is the most impactful threat facing the Games.
A successful ransomware attack has the potential to cause massive disruption. Given the short duration of the Olympic Games, any victim would be under increased duress to pay any ransom demands in order to get the event to go ahead, allow the television media to broadcast, or to get critical services back online quickly.
Organisations involved with the Games must be prepared for ransomware. This includes having the necessary security measures in place and keeping data backups, so that information is securely stored elsewhere to turn to in the event of an attack. It is important to adopt a layered security approach that focuses on both technology and people.
DDoS attacks
Another threat we are likely to witness is distributed denial of service (DDoS) attacks.
In a DDoS attack, a cybercriminal makes a machine or network resource unavailable to its intended users by flooding an internet-connected host with traffic from many sources, temporarily or indefinitely disrupting its services.
The Rio 2016 Olympics suffered sustained and sophisticated DDoS attacks, so it is likely that Tokyo 2020 will experience the same.
To help stop attacks, organisations involved must ensure that they understand their networks. This includes reviewing and cataloguing devices, nodes, printers, interfaces, routers, servers, and users on a regular basis.
If the security team knows what is “normal” and this is baselined, it will act as a benchmark for future incident review.
Malware
In 2018, a computer malware attack dubbed “Olympic Destroyer” hit select networks and Wi-Fi systems at the Winter Games in Pyeongchang.
This led to a forced closure of the official website, resulting in many spectators being unable to print their tickets for the event.
Mimecast data shows that there has been an increase in malware in 2021 compared to previous years, so it is highly likely that malware will be aimed at Tokyo 2020.
The best way to prevent malware attacks from being successful is to use multiple antivirus engines and a continually updated global signature database to stop known malware, as well as multi-layered attachment scanning – including static file analysis, sandboxing, and safe file conversion – to block unknown malware.
Phishing
One type of attack that is specific to governing bodies is phishing.
Cybercriminals could use this tactic to trick an official or athlete into exposing personal or embarrassing data held by them.
It is vital that all stakeholders are trained to spot any suspicious emails. This is a particular problem when people are operating remotely and more likely to open attachments from unknown sources.
The risk of third-party or supply-chain compromise is also a concern and has become more complex, with sophisticated cybercriminals modifying seemingly legitimate third-party software providers’ patches or updates as a route into more secure but related entities. This could include the impersonation of their email accounts.
On top of this, it is likely cybercriminals will use the fact that no spectators are allowed to attend to their advantage. Consumers should be on the lookout for scams offering ticket refunds and always double-check that any correspondence is legitimate before sharing personal data.
State-sponsored activity / hacktivism
Sophisticated threat actors could look to disrupt the Games, or a specific event, or even look to secure media attention to further their cause.
With so many organisations involved in delivering the Olympic Games and the massive audience it attracts, cybercriminals are certain to look for vulnerabilities.
Any successful attack could have serious ramifications and even lead to an event being temporarily suspended. The reputational damage this would cause to the victim would be significant.
Dr Francis Gaffney is Director of Threat Intelligence at Mimecast.