The Olympics is the premier international sports event that garners millions of people and views to watch different nationalities compete for athletic glory. However, due to the pandemic restrictions, very few people are watching the games in person and everyone else is streaming online. Because of the high volume of views that the Olympics gather, it makes it a perfect target for cyberattacks.
The Olympics is no stranger to attacks. In 2016, Russian hackers leaked private medical records of athletes, exposing Olympic athletes like Simone Biles and Serena and Venus Williams. The group, Fancy Bears, hacked into the World Anti-Doping Agency (Wada) database and stole confidential information as a response to the Russian team being banned. In 2018, during the South Korea Winter Olympics, Russian spies hacked the Olympics and shut down online ticketing during the opening ceremony. Because of this, governments and experts around the world are wary that they will strike again at this Tokyo Olympics.
Concerns are steadily growing due to the potential cyberattacks on the Olympics and many experts are on high alert, encouraging institutions linked to the games to be vigilant of any cyberattacks that may be committed for fame or political reasons. Since almost no bystanders are allowed due to regulations, the events are being streamed online, giving attackers an advantage. On the 19th of July, the FBI issued a Private Industry Notification to service providers stating that cyber actors could use “…distributed denial of service (DDoS) attacks, ransomware, social engineering, phishing campaigns, or insider threats to block or disrupt live broadcasts of the event, steal and possibly hack and leak or hold hostage sensitive data, or impact public or private digital infrastructure supporting the Olympics.”
There have also been reports of malicious software and websites that target both organizers and fans. According to Mitsui Bussan Secure Directions, a malware was detected by antivirus software around the world. It is a fake PDF file posing as a Japanese-language report on Olympics-related cyberattacks and when opened, activates malware that compromises a user’s device and deletes data. According to a security firm, the file does not only wipe out all the computer’s data but also searches for certain file types such as Microsoft Office files, TXT, and Log.
Another key concern for the Olympics is the fake streaming sites that are popping up due to the restrictions. They use key terms like “Tokyo” or “2020” in their names for a higher chance of being clicked. However, by clicking the links, it could open the users to an attack. Japanese officials have also reported a data leak exposing account credentials of Olympics ticket buyers and volunteers. The leak included names, login IDS, passwords, addresses, and bank details that were stolen through the Tokyo Olympics ticket portal. The compromise was linked to unauthorized access of computers or smartphones. However, government officials did state the attack was “not large” and responded immediately to prevent the further spread of the attack.
Cybercriminals are always targeting big events like the Olympics to capitalize on them. Since majority of the committee in charge of the games are working from home, it is crucial for members to secure Tokyo Olympics-related infrastructures such transportation, venues, electricity and remote work environments to prevent further breaches. The organizers are implementing strict measures based on past attacks and making sure that they are prepared for any threat actors. Isao Itabashi, a cybersecurity expert, expressed how it is natural for cyberattacks to hit the Tokyo Games and it’s important to fix things quickly, leaving no severe results if there is damage.
__
References:
“Tokyo Olympics Increasingly under Threat from Cyberattacks.” The Japan Times, 16 July 2021, www.japantimes.co.jp/news/2021/07/16/national/olympic-games-cyberattacks.
“FBI Warns of Potential for Cyberattacks during Olympics.” CNN, uploaded by CNN, 23 July 2021, edition.cnn.com/videos/world/2021/07/23/olympic-cyberattacks-russia-marquardt-newday-vpx.cnn.
Writer, Staff. “Cyberattacks Zero in on Tokyo Olympics as Games Begin.” Nikkei Asia, 22 July 2021, asia.nikkei.com/Spotlight/Tokyo-2020-Olympics/Cyberattacks-zero-in-on-Tokyo-Olympics-as-Games-begin.
Collier, Kevin. “Olympics Are on Guard as a Favorite Target of Russian Hackers.” NBC News, 22 July 2021, www.nbcnews.com/tech/security/olympics-are-guard-favorite-target-russian-hackers-rcna1422.
Crothers, Brooke. “Tokyo Olympics Could Be Threatened by Cyberattack, FBI Warns.” Fox News, 24 July 2021, www.foxnews.com/tech/tokyo-olympics-threatened-cyberattack-fbi-warns.
Cimpanu, Catalin. “Wiper Malware Targeting Japanese PCs Discovered Ahead of Tokyo Olympics Opening.” The Record by Recorded Future, 22 July 2021, therecord.media/wiper-malware-targeting-japanese-pcs-discovered-ahead-of-tokyo-olympics-opening.
Hope, Alicia. “Japanese Official Says Data Leak Exposed Account Credentials of Olympics Ticket Buyers and Summer Games Vo …” CPO Magazine, 28 July 2021, www.cpomagazine.com/cyber-security/japanese-official-says-data-leak-exposed-account-credentials-of-olympics-ticket-buyers-and-summer-games-volunteers.
