The Tokyo Olympics, which formally opened today (Fri.), are already being targeted by threat players.
However, the US Federal Bureau of Investigation’s Cyber Division has now issued a warning the Games’ TV broadcast could be plagued by attacks, since it will be the only way to view events now that spectators have been barred due to COVID-19 issues.
Expected cyber-attacks on Tokyo Olympics likely include attempts to hijack video feeds, the American Feds warn.
“Adversaries could use social-engineering and phishing campaigns in the leadup to the event to obtain access or use previously obtained access to implant malware to disrupt affected networks during the event,” the FBI notification outlined.
“Social-engineering & phishing campaigns continue to provide adversaries with the access needed to carry out such attacks.”
The FBI added that, the Olympics will attract both run-of-the-mill cyber-criminals and nation-state actors who want to “make money, sow confusion, increase their notoriety, discredit adversaries & advance ideological goals.”
On the day the FBI released its warning, the personal data of volunteers & ticket purchasers for the Tokyo Olympics was leaked online.
The 2018 PyeongChang Winter Olympics was attacked by relentless attacks, including the Olympic Destroyer attack on the Games’ Opening Ceremony, the FBI pointed out. It warned athletes, visitors, press & others to be on the look-out for spear-phishing campaigns & malicious links that could trigger ransomware, distributed denial of service (DDoS) & other cyber-attacks.
ISPs & Broadcast Networks Warning
This year’s broadcast-only Games means internet service providers (ISPs) & television networks will be attractive to threat players who might want to disrupt a global audience all at once, or hold the Games themselves hostage, the FBI warned. The advisory added that law enforcement is keeping an eye on a May breach of Fujitsu, whose clients include the Tokyo 2020 Organising Committee & the Japanese Ministry of Land, Infrastructure & Tourism.
On the nation-state level, Ross Rustici, MD at Stone Turn, pointed out that both Russia & China have incentives to disrupt this year’s games.
“The Russians are currently waging a silent war against the International Olympic Committee (IOC) following the committee’s ban on Russian participation in international sporting events, & China has recently engaged in an escalation of tensions with Japan,” Rustici observed.
“A cyber-strike that disrupts or otherwise reduces the spectacle of the games, especially given the all-remote nature of the experience, could be leveraged as both a diplomatic signal & a way to tarnish faith in the IOC or in Japan being a viable alternative to Chinese technology & diplomacy.”
Ransomware groups will be drawn into the possibility of controlling the switch to the games’ broadcast & squeezing out a massive payment to turn it back on, Rustici added.
“The heightened pressure of time-to-resolution will create additional incentives for impacted network operators to pay ransom demands quickly rather than manually restore operations,” he stated.
Regardless of the outcomes, Tokyo’s ability to defend its networks is about to be put on display for the world to see, according to Rustici.
“How much activity becomes apparent to global spectators will be dependent upon how well Tokyo has been able to align its national level cyber resources to defend the most critical networks,” he concluded.