Tokyo 2020 Olympic Games & cyber threats

The organizing committee of the Tokyo2020 Olympics has decided to use the expertise of about 200 ethical hackers to protect their infrastructures from possible cyberattacks.

Organizers fear that history may repeat itself:  the cyber intrusion disturbing the tv and #internet transmission of the Pyeongchang Winter Olympics in South Korea in 2018 forced some changes in the program.

Technology has impacted for good the performance of tournaments, exhibitions, and sport events, but has also provided considerable attack surfaces for threat actors to exploit.

Cyber threats are especially concrete in COVID times, where physical attendance to such events has been limited, leaving virtual streaming as the most viable way to follow the deeds of Olympic athletes for billions and billions of fans over the globe.

Will we see a competition between whitehat and blackhat hackers at the ongoing Olympic Games, then?

Learn more on our blog!

What kind of cyber threats can be expected?

The IT systems of the Olympics, as well as those of national federations, individual athletes and fans may suffer from a quite extensive range of cyber threats.

We list the main ones:

  1. Ransomwares. Some analysts are making educated guesses that malwares may cause massive harm, if employed against the Games. By exploiting supply-chain weaknesses of major suppliers, malwares may encrypt vital data needed to assure the backstage operations of the event. This would provide a great leverage in getting ransomware in exchange for a decryption key;
  2. Malwares. Along with ransomwares, malwares may be employed to cause sabotage. A malware shutdown, for instance, the tv and internet transmission of the opening ceremony of the Pyeongchang Winter Olympics in South Korea in 2018, forcing the organizers to make some changes in the program. It also hit other IT systems, the public Wi-Fi, ticket printing, and the Winter Olympics’ website;
  3. Phishing. Finally, phishing may be another considerable threat. Threat actors behind phishing campaigns may employ similar wording of official slogans related to the Olympics or stolen official logos to induce users to click on malicious link and initiate an attack.

Conclusion: how is Tokyo2020 defending from these threats

To conclude, the list of the threats listed below is common, but they should not be underestimated. The Organizing Committee has taken action in the past months to assure the resilience of the Games from major cyberattacks.

It has hired almost 200 hundred ethical hackers to be better prepared to deal with malicious actors.

The recruitment took place through the National Institute of Information and Telecommunication Technology which selected the best talents and professionals working within Japanese telecommunications companies.

The selected hackers underwent a cycle of 20 lessons and training sessions. Among the proposed activities, the “Olympic” hackers split into groups and simulated attack and defense to protect or attack their systems in order to test their cyberskills.