[BreachExchange] Five cybersecurity threats facing the Tokyo 2020 Olympics

Fri Jul 23 11:59:45 EDT 2021

https://www.msn.com/en-gb/money/other/five-cybersecurity-threats-facing-the-tokyo-2020-olympics/ar-AAMtDyg

The Tokyo 2020 Olympic Games, which officially begins today, isn’t going to
look anything like the Olympic Games that have gone before it.

Since no spectators are permitted at the live sports, this is likely to be
one of the most streamed events of the year, with millions of people
watching from home.

It isn’t just the spectators; many broadcasters are operating remotely as
well, and this makes the Games a very attractive target for cybercriminals
who exploit the vulnerabilities that come with a separated workforce.

These attacks can have very real-world consequences. Athletes who have
trained their whole lives for these Games could miss their event if the
computer networks are down. World record performances could be missed by
those watching at home.

So, what are the main cybersecurity threats that face the Tokyo 2020
Olympic Games?

Ransomware

Ransomware has been grabbing headlines lately and is the most impactful
threat facing the Games.

A successful ransomware attack has the potential to cause massive
disruption. Given the short duration of the Olympic Games, any victim would
be under increased duress to pay any ransom demands in order to get the
event to go ahead, allow the television media to broadcast, or to get
critical services back online quickly.

Organisations involved with the Games must be prepared for ransomware. This
includes ensuring they have the necessary security measures in place and
having data backups, which means that they have information securely stored
elsewhere to turn to in the event of an attack. It is important to adopt a
layered security approach that focuses on both technology and people.

DDoS attacks

Another threat we are likely to witness is distributed denial of service
(DDoS) attacks.

These involve a cybercriminal making a machine or network resource
unavailable to its intended users by temporarily or indefinitely disrupting
services of a host connected to the internet.

The Rio 2016 Olympics suffered sustained and sophisticated DDoS attacks, so
it is likely that Tokyo 2020 will experience the same.

To help stop attacks, organisations involved must ensure that they
understand their networks. This includes reviewing and cataloguing devices,
nodes, printers, interfaces, routers, servers, and users on a regular
basis.

If the security team knows what is “normal” and this is baselined, it will
act as a benchmark for future incident review.

Malware

In 2018, a computer malware attack dubbed “Olympic Destroyer” hit select
networks and Wi-Fi systems at the Winter Games in Pyeongchang.

This led to a forced closure of the official website, resulting in many
spectators being unable to print their tickets for the event.

Mimecast data shows that there has been an increase in malware in 2021
compared to previous years, so it is highly likely that it will be targeted
at Tokyo 2020.

The best way to prevent malware attacks from being successful is to use
multiple antivirus engines and a continually updated global signature
database to stop known malware, as well as multi-layered attachment
scanning – including static file analysis, sandboxing, and safe file
conversion – to block unknown malware.

Phishing

One type of attack that is specific to governing bodies is phishing.

Cybercriminals could use this tactic to trick an official or athlete into
exposing personal or embarrassing data held by them.

It is vital that all stakeholders are trained to spot any suspicious
emails. This is a particular problem when people are operating remotely and
more likely to open attachments from unknown sources.

The risk of third party or supply chain compromise is also a concern and
has become more complex, with sophisticated cybercriminals modifying
seemingly legitimate third-party software providers’ patches or updates as
a route into more secure but related entities. This could include the
impersonation of their email accounts.

On top of this, it is likely cybercriminals will use the fact that there
are no spectators allowed to attend to their advantage. Consumers should be
on the lookout for scams offering ticket refunds and always double check
any correspondence is legitimate before sharing personal data.

State sponsored activity / hacktivism

Sophisticated threat actors could look to disrupt the Games, or a specific
event, or even look to secure media attention to further their cause.

With so many organisations involved in delivering the Olympic Games and the
massive audience it attracts, cybercriminals are certain to look for
vulnerabilities.

Any successful attack could have serious ramifications and even lead to an
event being temporarily suspended. The reputational damage this would cause
to the victim would be significant.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210723/9370e111/attachment.html>