The Olympics is a one-of-a-kind event that garners attention from every corner of the world, digital and in-person. So it is without surprise that warnings of cyber threats ahead of the Winter Olympics significantly increased after The International Olympic Committee & Beijing 2022 organizers announced that no foreigners would be permitted to attend in person. Like Tokyo, the Olympics in Beijing will depend heavily on remote and streaming services to deliver a digital experience where spectators worldwide can communicate and engage with one another. This digital dependence is what threat actors are looking to leverage. The gold medal they are after is the ability to disrupt or degrade networks and applications used by Olympic organizers, partners, sponsors, suppliers, service providers, and digital attendees.
The following is by Daniel Smith, Radware’s Head of Threat Intelligence, and was initially published on darkreading.com, December 01, 2021.
While the 2021 Tokyo Summer Olympics were hardly a financial success (estimated by some to have cost $30 billion), there was one area in which it excelled: cybersecurity. How did the results match earlier threat predictions, and what, if anything, might this mean for the upcoming Winter Olympics in Beijing in February 2022?
Cybersecurity Predictions for Summer Olympics
The Olympic Cybersecurity Work Group for the Cyber Threat Alliance (CTA) met multiple times in the run-up to the originally scheduled 2020 Tokyo Olympics. CTA prepared a threat analysis for the games and reported its findings. Unfortunately, due to the pandemic, the Tokyo Olympics were delayed until 2021.
A year later, in the CTA’s April 2021 Olympic update, the group noted that the dangers presented by ransomware groups had increased dramatically since the 2020 Summer Olympics report was published. The updated report also predicted an increased threat from nation-state threat actors looking to target the Olympics or Olympic-related organizations, using techniques such as data theft and disinformation campaigns or possible targeted system disruptions.
Based upon the fact that the Tokyo Olympics would ultimately feature far fewer spectators in-person (and no international spectators), the CTA Working Group noted that there could be an increased demand for livestream coverage. And because threat actors may have believed that Japan’s cybersecurity capabilities were weakened from COVID-19 and other domestic factors, the group warned of an increased threat.
Results from the Tokyo Olympics
NTT Communications provided telecommunications services and network security for the Summer Olympics in Tokyo, including managing some 11,000 Wi-Fi access points.
Before the event, the organization predicted that cybercriminals were likely to leverage distributed denial-of-service (DDoS), ransomware, or other direct attacks against critical infrastructure.
In an October 2021 post-Olympic press release from NTT, the company noted that despite the increased activity, no cyber events ultimately impacted the Olympic or Paralympic games because of the network security and cybersecurity measures implemented. None!
The results speak for themselves. The total number of blocked security events, including unauthorized communications to the Olympic website, was 450 million — an enormous number that is hard to conceive.
Frankly, that’s an incredible achievement in and of itself, let alone combined with pandemic delays and an increased reliance on livestreaming because of the COVID-19 spectator ban. Those 450 million attacks also represented a 2.5 times increase in the total number of events experienced at the London Summer Olympics in 2012.
NTT chalked up success to its “holistic approach to cybersecurity strategy,” which it said included ongoing threat intelligence monitoring and analysis, SOC services, a complete security solutions package, and a team of more than 200 cybersecurity specialists.
As with Tokyo, no foreigners will be allowed to attend the Beijing Winter Olympics in February or the Paralympic games in March, again emphasizing livestreaming events for the remainder of the world. As such, I think it’s fair to say that we’ll see at least a half-billion cyber events, perhaps more, directed at the Beijing Olympics. We also know from the NTT report that the threat landscape, including threat actors and their tactics, techniques, and procedures (TTP), changed significantly from 2020 to 2021, posing new challenges — so we expect to see that trend continue for the Winter Games in 2022.
While the good news is that NTT will again be providing security for the Winter Olympics, we believe it will once again have to reallocate resources and rebuild certain parts of the security infrastructure to evolve with the threat landscape and to ensure the same level of stability that we experienced during the Tokyo games. Beyond the threat of large DDoS attacks, NTT will have to pay particular attention to the danger of small DDoS attacks that cumulatively could disrupt livestreaming or services crucial to the success of the digital games.
Digital Games Are Here to Stay
While many were hoping to attend the Tokyo and Beijing Olympics in person, I believe that the pandemic has forced many of us, from sports fans to information security professionals, to realize that digital transformation means that we will not be traveling as often to events such as the Olympics or conferences. Instead, we will be ever more reliant on remote and streaming services to spectate, communicate and engage with one another. As such, organizations will need sound cybersecurity strategies in place since disruption will not be an option.