Contents:
The Federal Bureau of Investigation has recently warned of threat actors potentially targeting this year’s Olympic Games. Although evidence of attacks planned against the Tokyo 2020 Olympic Games is yet to be revealed, the agency encourages organizations to maintain effective security measures.
Context
In a private industry notification issued on Monday, the US intelligence service said
Malicious activity could disrupt multiple functions, including media broadcasting environments, hospitality, transit, ticketing, or security. The FBI to date is not aware of any specific cyber threat against these Olympics, but encourages partners to remain vigilant and maintain best practices in their network and digital environments.
As the agency noted, attacks against the Tokyo 2020 Summer Olympics might involve various types of threats, including distributed denial of service (DDoS) attacks, ransomware, and phishing campaigns. Such attacks could disrupt live broadcasts or even prevent them from happening. They could also impact digital infrastructure supporting the Olympics and compromise sensitive data, which can later be encrypted.
The Tokyo 2020 Summer Olympics may attract additional attention from these actors, as they are the first to be viewed solely through broadcast and digital platforms due to the prohibition on in-person spectators. Adversaries could use social engineering and phishing campaigns in the lead up to the event to obtain access or use previously obtained access to implant malware to disrupt affected networks during the event. Social engineering and phishing campaigns continue to provide adversaries with the access needed to carry out such attacks.
The FBI believes the attackers’ goals would be to make money, sow confusion, discredit adversaries, and increase their notoriety.
Tokyo 2020 Summer Olympics has an increased potential to attract additional attention from threat actors, given that they are the first to be viewed exclusively via digital platforms or TV broadcast, as required by COVID-19 pandemic restrictions.
Earlier this year, the Bureau noted one security breach incident when the data of the Tokyo 2020 organizing committee was compromised.
In late May 2021, Japanese information technology equipment and service company Fujitsu disclosed a breach that compromised data from several of its corporate and government clients, including the Tokyo 2020 Organizing Committee and the Japanese Ministry of Land, Infrastructure, Transport, and Tourism.
Not the First Threat for the Tokyo 2020 Summer Olympics
That was not the first time malicious actors have targeted the Tokyo 2020 Olympics. Both American and Japanese recipients were being picked as potential victims of a phishing campaign in September 2019.
A few months later, in December 2019, the Tokyo 2020 Summer Olympics staff issued warnings of phishing campaigns impersonating the Organizing Committee of the Olympic and Paralympic Games (Tokyo 2020).
Threat intelligence outfit Antuit discovered the attacks while monitoring a hacking group in discussions on the dark web. According to Antuit’s Japanese branch VP Shuhei Igarashi, there is a high possibility that the operators are of Chinese origin.
Recommendations
As always, the FBI encourages service providers and other relevant partners to maintain business continuity plans to minimize essential service interruptions, as well as preemptively evaluate potential continuity and capability gaps.
Given the increase in remote work environments and the use of Virtual Private Network (VPN) services, the agency encourages regularly monitoring networks and employing best practices. Additionally, to address current threats posed by cybercriminals, the FBI suggests reviewing or establishing security TLP: WHITE TLP: WHITE policies, user agreements, and patching plans.