Experts are sounding the alarm about potential cyberattacks on the Tokyo Summer Olympics from those looking to create chaos at the already embattled event.
The concerns come after a year of escalating cyberattacks against a range of institutions and as global tensions have skyrocketed during the course of the COVID-19 pandemic.
“The Olympics are a huge opportunity for a country, in this case Japan, to put its best foot forward, to show off, to show the gains and strides that it has made, to increase tourism, to put itself on a better place on the world stage,” Neil Jenkins, the chief analytics officer of the Cyber Threat Alliance (CTA), told The Hill on Friday.
“Any nation state that is not aligned with Japan may see an opportunity here to try to embarrass Japan through a cyberattack,” he warned.
The CTA published a report last year, updated in April, detailing a range of potential cybersecurity threats against the delayed 2020 Summer Olympics, including disinformation campaigns, ransomware attacks and data leaks.
Cybersecurity threats to the Olympics are not without precedent. The 2018 Winter Olympics in Pyeongchang saw the highest level of attacks. Russian hackers carried out attacks on Olympic networks before the opening ceremony, which slowed down the entry of spectators and took Wi-Fi networks offline. They also tampered with portions of the broadcast.
The Department of Justice last year indicted six members of the Russian Main Intelligence Directorate (GRU) in connection with those attacks, which were likely in retaliation for Russian athletes being banned from competing under their flag due to doping allegations.
With that same ban in effect through the 2022 Winter Olympics, Russia is seen as one of the biggest threats to the Tokyo Games and has already demonstrated its potential to cause disruption.
The United Kingdom’s National Cyber Security Centre condemned the GRU last year for its plans to disrupt both the 2020 Summer Olympics and the Paralympics before they were postponed on account of the COVID-19 pandemic.
“The GRU’s actions against the Olympic and Paralympic Games are cynical and reckless,” British Foreign Secretary Dominic Robb said in a statement in October. “We condemn them in the strongest possible terms.”
Experts say Moscow is now the main threat to the Summer Olympics, which kick off in Tokyo on July 23.
“There are obviously physical risks, which are very real at every Olympics, but as far as the cyber risks go, I think the most important threat is the risk of disruption by Russian actors,” John Hultquist, the vice president of cybersecurity group FireEye’s Mandiant Threat Intelligence, told The Hill.
“We were expecting them to hit Tokyo before COVID disrupted the games the first time,” Hultquist said. “Mandiant has seen evidence that they were probing Japanese networks.”
While potential Russian attacks are a major concern, another potential threat is that of a ransomware attack on the Olympics or a third-party vendor that could make it more difficult for the Games to take place.
Ransomware attacks have become an international security concern over the past year in particular, with health care organizations and hospitals crippled during the pandemic by such attacks. Critical supply chains have also been hit, with Colonial Pipeline and JBS USA being two of the biggest victims in the U.S.
The Japanese Olympic Committee revealed last month that it was hit by a ransomware attack in April and that it had not paid a ransom and replaced all infected computers.
“The thing I am most worried about right now for the Games, one of the things at the top of my list in general, is ransomware,” Jenkins said.
“Because of all of the systems and things that have to go right to pull off an event as large as the Olympics, there are a lot of organizations that could be targeted,” he added.
Rep. Jim Langevin (D-R.I.), chairman of the House Armed Services Committee’s cybersecurity subcommittee, told The Hill in June that he was particularly concerned about ransomware as the Olympics opening ceremonies draw near.
“Anything that is a high-value target could be a problem, and so I would be worried that something like the Olympics would be a target of opportunity for ransomware hackers,” Langevin said. “It’s going to be put to all of us to try to redouble our efforts working with our partners and allies to try to make sure that a ransomware attack is not successful.”
Other concerns organizers and experts are focused on include disinformation surrounding the Games.
“I think any international event is going to have a corresponding information operations threat. The Olympics have been an ideological battleground for a long time. I would not be surprised if some of those players get engaged as well,” Hultquist said.
While the International Olympic Committee (IOC) did not respond to The Hill’s request for comment on this story, a spokesperson told Reuters in October that “the IOC and the Organising Committees of the Olympic Games have identified cyber security as a priority area and invest a lot to offer the Olympic Games the best cyber security environment possible.”
Jenkins said Friday that he believed both the IOC and the Japanese government have taken the threats seriously. However, he stressed that in light of the evolving avenue of attack hackers could exploit, it is almost impossible to defend against everything.
“We know that they are engaging correctly with the broader cybersecurity community,” Jenkins said. “I think it’s a good sign that they are conducting cybersecurity exercises, thinking through information sharing relationships and getting ready in case something happens.”
“With as many organizations that are involved, with as many vulnerabilities that could be present in each of those organizations, a lot of times the best thing you can do is be prepared to respond,” he said.