The cybersecurity team responsible for securing and protecting the Tokyo Summer Olympics 2021 have been busy – and promise to be busier still as the games get underway. Just as the 2018 PyeongChang Winter Olympics became a major target for cyberattacks, and with attacks threatening to derail the opening ceremony and some of the more popular sporting events, the Tokyo Olympics cybersecurity team is continuously fending off attackers who hope to make a name for themselves.
The Tokyo Olympics is heavily dependent on digital technology, and the number and types of devices used are extensive. For scale, the 2018 Winter Olympics relied on more than 10,000 PCs, more than 20,000 mobile devices, 6,300 Wi-Fi routers, and 300 servers. Let’s explore some of the interesting new technologies Tokyo will have for the Olympics.
The Olympics rely on technology for almost everything. It’s far beyond what’s needed just for spectators. Did you know that the world’s best archer, Deepika Kamari, famously has an issue with stress during competition? But at these games there are cameras that measure and display her stress level via heartrate and that information is streamed to spectators around the world.
"Camera will check changes in the colour and shape of the skin on the face caused by blood pumping. From this, we can determine the heart rate and from that the stress levels,” a World Archery official told PTI. He goes on, "It would show the stress level to the audience whether the archer’s stress level goes high, heart beat before a deciding shot. It would be only for the individual matches.”
Interested in the technology being used to simply broadcast the Olympics? Let’s take a look!
Nick Lennon, Mimecast country manager, said that given the nature of the Tokyo Olympics, with even fans in Japan unable to attend, “…nearly every device around the world is going to be connected back into the Games. The attack opportunity for a very well-crafted campaign has incredible reach. Reach we've not seen before."
This complete reliance on and use of technology is putting this Olympics in cyber-danger. Because of the reduced attendance regulations due to COVID, most of the world will follow their favourite athlete or sport via the television or internet – meaning everyone in the world will be glued to their screens or devices for the next few weeks. Imagine the disruption if an attacker shuts down TV cameras, biometrics readers, or steals athlete information stored online? Or worse, takes over and uses these platforms as a soapbox for terrorism, hacktivism, or political rants.
With the Russian athlete ban due to doping at the 2018 Winter Olympics still in effect through the 2022 Winter Olympics, it is thought that Russian cyberattack groups are one of the biggest threats to the Tokyo Games and they have already demonstrated their potential to cause disruption.
Cyber-attacks don’t necessarily need to be technology to technology to cause disruption. Consider the supply chains used to get all the equipment and athletes to the Olympics. Even worse, consider the technology used to set up the athlete equipment – and what would happen in a threat actor gained access to say, the pully system holding up massive light riggings, or was able to shut down the meatal detectors or cameras for long enough to bring an explosive device into the Olympic event.
Enterprises genuinely believe they have a comprehensive security approach, but this is rarely the case. More than 60% of IT managers have an incomplete inventory of their IT devices. If these statistics hold true, there will be IT administrators at the Olympics who will not know the whereabouts of devices they are responsible for – leaving a gap for attackers to slip in and out unnoticed or wreak havoc. As the first Olympic sport to use biometric data, archery is paving what promises to become a well-worn path allowing spectators to know more about the inner workings of the athletes' bodies than the athletes themselves. Attackers stealing monitoring equipment would have direct access to athlete health information as well as the networks carrying the data.
Sangfor Technologies believes a bit of caution is far better than any cure – and hopes the Tokyo Olympics Incident Response (IR) services are up and running smoothly. IR services vary depending on vendor, but the best vendors will give you 360-degree service covering for the three phases of every attack.
Detection of attackers when they first start sniffing around your system is critical. A next generation firewall (NGFW) deployed at all perimeters is a must when it comes to network security. Sangfor NGAF is an NGFW designed to filter and inspect network and application traffic for threats, protect the network and end-users from intrusion, and bring in security intelligence from outside the network. Sangfor NGAF is the world's first AI-enabled next-generation firewall, fully integrated with WAF (Web Application Firewall) and Endpoint Secure (next generation endpoint security), powered by Engine Zero malware detection and cloud-based Neural-X threat intelligence.
Tracking and behavior analysis of users is a second important function of the Sangfor suite of security solutions. Sangfor Endpoint Secure and monitors end-user device connections and activity with other laptops, mobile devices, desktops, and tablets, reducing the risk of exploitation and infiltration of malware, advanced persistent threats (APTs) or zero-day threats. Endpoint Secure manages the endpoint asset security life-cycle from prevention, detection, and defense, all the way through response.
We know that the Tokyo Olympics Cyber Security team took the extra year to train as the athletes did. We know they used the massive escalation of cyber-attacks during COVID to brush up on their skills! As we watch the athletes compete for gold in 2021, the Olympics Cyber Security Team will be watching hackers going for the gold. We will be watching the Tokyo Olympics for any signs of cyberattack or trouble, but if nothing else, it promises to still be a spectacle!