Search
Close this search box.
Request a quote

Cyber experts warn of ransomware risks during Tokyo Olympics

olympia-1535219

Cyber experts warn of ransomware risks during Tokyo Olympics

Should the Summer Games face a cyberattack, the losses would be significant.

The five-ring symbol of the Olympic Games in Tokyo, Japan.

It might be assumed that with the ban on physical spectators at the postponed 2020 Tokyo Olympics, the level of risk stemming from this global event — particularly the spread of COVID-19 — has diminished, but cyber experts warn of a different risk: cyber. Fears of telecom disruptions and ransomware attacks are founded, and the damage that could be caused has increased with the reliance on technology to broadcast the Games, which kicked off on July 23rd. Experts say insurers could face potentially massive losses based on the high-risk factors.

Organizers have said that they are prepared for the kind of cyberattack that temporarily paralyzed IT systems ahead of the official opening ceremonies of the 2018 Pyeongchang Winter Olympics in South Korea.

“I think Japan is prepared for what happened in South Korea in 2018, but the landscape for cyberattacks has shifted so they can only be prepared for what they’ve seen in the past but maybe not for the next iteration of it,” Robert Behny, senior director of cyber data and partnerships at Verisk, told PropertyCasualty360. He added that “The best preparation that they can do ensure they have a solid foundation — software patching and system backups.”

COVID-19 has forced the world to transition to a digital state faster than expected. Japanese officials have even said they are utilizing technology such as facial recognition systems to monitor volunteers. A cyberattack on a broadcast or streaming network used by the Olympics may spell disaster as attackers could have hacked the IT infrastructure over a year ago when it was originally planned to be used.

While Japan has shown that they have been busily working on cybersecurity defenses over the past several years, Bethany Vohlers, senior manager for cyber solutions at Verisk, said: “In a lot of ways, the actors are always one step ahead of where the rest of the industry is. And that’s coming from the fact that they are largely typically nation-state attacks that are heavily funded. It can be an act of war, but it’s really a tool. And so there’s always going to be this appetite in the cybercrime world…to try and disrupt these sorts of events.”

Although Japan is ranked as low-risk by insurance and risk management firms, giving it a stellar reputation as a safe place to visit, the nation cannot afford to become too complacent.

With spectators having to watch the Games virtually, it means purchasing tickets with banking information and logging in to a website account to print tickets and watch the Games. If there’s an attack on the Olympics, disruptions to the virtual supply chain could impact companies supporting the Olympic Games and even virtual spectators.

With the absence of in-person attendance, the event is going to be very reliant on technology to stream or to save content, Behny said.

“That high technology reliance means that you’re going to have third parties of the Olympics officiants and fourth parties supporting that type of technology to stream content and to save the content for later viewing,” he added.

Even at-home spectators face risks

The organizers of the Olympics aren’t the only ones who should be vigilant. Suppliers and spectators must take action to protect themselves and those they are connected to. In addition to malware, there’s also the possibility of ransomware attacks, so what can companies expect if they’re targeted?

“I think all the suppliers, if you’re not the Olympic committee who’s actually putting on the show, you’re probably a target for ransomware,” Behny said. He added that if a threat actor can take you down and make you pay as a ransom or extortion, they achieved their goal because their criminal organization gets paid. But for the Olympic organizing team, threat actors want to have a media blackout so the Games can’t be produced.”

Behny warns spectators to be cognizant of phishing emails, so, if they get emails, they need to know if it’s a legitimate email from the Olympics or one from a streaming provider that they actually trust and shouldn’t click links that they don’t trust because it could have malicious attachments. “It’s the typical…good hygiene, good citizen of email etiquette,” he said, adding, “Pay attention to what you’re opening. Pay attention to what you’re clicking. The malware that would come from that could be a myriad of things.”

“I think, generally, the interest will be around some forms of cybercrimes, said Vohlers. “So trying to steal banking credentials or PII. I know that there is an Emotet malware for a while in Japan as well, which has really made a resurgence not too long ago and that actually helps steal banking credentials when you log into accounts.” She added that scams around just general ticketing to try to get that banking information, fraudulent websites, payment card theft, as well as phishing attacks, are also possible.

“And I think the one other thing to mention is really the potential disruption that spectators might face around potential hacks with the supply chain again, so thinking about wifi networks being impacted, I believe even hotels, if they’re impacted, that would impact those who are attending the event,” she noted.

‘A business interruption element’

Attacks will not just impact the top of the Olympic Games because other systems are attached to them, so even if an attack is just targeted at the Olympics, it could still spread everywhere else because the networks are connected. Ransomware tries to spread like a worm, and its spreads very quickly, so systems that are connected could be impacted even if it was not the intent of the threat actor.

Vohlers said what we need to be looking at is disruption — “sort of just a business interruption element.” She added that when it comes to ransomware, extortion has been increasing and becoming more targeted attacks and certainly in high-profile events like the Olympics. “The desire to recover from an attack might be greater than going through the whole remediation process,” she said.

There is a lot of money at stake. Should the Olympics be attacked, the losses would be great. The insurance industry is a stakeholder in major events like the Olympics and could encounter huge losses, considering that claims and liability could be impacted. A Reuters report revealed that the International Olympic Committee (IOC) typically takes out around $800 million of coverage for each Summer Olympics.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related posts
Cyber Liability

The Rising Importance of Cyber Insurance for Startups

The landscape of cybersecurity is shifting rapidly, making cyber insurance a critical safeguard for startups. According to Embroker’s 2024 Cyber Risk Index: Startup Edition, 93% of startups now carry cyber insurance, a significant increase from 86% just two years ago. This trend reflects growing concerns over cyberattacks, with 81% of startup founders having faced a cyberattack in their career—up from 67% in 2022. Why Cyber Insurance Matters for Startups Startups face mounting pressures from investors, boards, and clients to maintain cyber coverage. In fact, 41% of founders say cyber insurance has helped them secure funding, underscoring its role beyond protection. As Andy Lea, Embroker’s chief insurance officer, explains, “Cyber insurance is becoming more important, not just for protection but as a business enabler, given the prominence of cyber breaches in the news.” Factors Driving Cyber Coverage Adoption Several elements are pushing startups toward cyber insurance: Moreover, 87% of startups are planning new cyber protection measures for 2025, while nine in 10 have a dedicated cybersecurity team or vendor. Confidence in Coverage Interestingly, while only 7% of startups opted for the most comprehensive cyber insurance in 2024, most founders remain optimistic about their policies. A substantial 66% believe their current coverage fully addresses their risk, up significantly from 30% in 2022. As cyber threats evolve, startups are increasingly prioritizing insurance as part of their resilience strategy, reflecting a broader industry shift toward proactive risk management.

Read More
Insurance-technology

Hard Market Needs Tech & Creativity: Navigating Challenges in the Insurance Industry

The insurance market is experiencing significant instability due to inflation, the global pandemic, evolving cybersecurity risks, and climate change. According to experts at Send’s INFUSE webinar titled Navigating the Hard Insurance Market, innovative technology and creative product design could be key in bringing stability to this challenging environment. Rising Risks and Challenges The growing frequency of weather-related disasters has especially made risk assessment difficult for insurers. Tandis Nili, managing principal of global risk management at Epic Insurance Brokers, highlighted that underwriting has struggled to keep pace. “Weather patterns are changing rapidly, and the underwriting models we’ve relied on are no longer sufficient,” Nili remarked. The traditional methods of predicting risks, based on past events, are no longer applicable as 100-year events are now happening much more frequently. Leveraging Technology for Stability Martina Conlon, executive principal at Datos Insights, emphasized the importance of utilizing automation and artificial intelligence (AI) to address this volatility. AI-driven predictive models, she explained, can assist insurers in making more accurate risk assessments, which in turn leads to better pricing and more efficient processes. “It’s all about moving beyond traditional tools like spreadsheets and policy systems,” Conlon said. By integrating more advanced technology, insurers can streamline operations and enhance accuracy in their assessments. Creative Product Innovation Another critical aspect in managing the hard market is innovative product design. Jennifer Kyung, CEO of NextGen Underwriting, discussed the opportunities for insurers to rethink product structures. This could involve adding new lines for emerging risks or restructuring existing products to share the responsibility between insurers and clients. For example, home insurance policies could evolve, particularly in regions facing heightened risks due to climate change. “This is a real opportunity for underwriters to creatively design products that better align with future risk landscapes,” Kyung added. Preparedness: A Key Lesson Lastly, the past few years have highlighted the need for insurers to be prepared for the unexpected. While it’s impossible to predict future events, the industry can ensure that it has the right tools and capabilities in place to respond swiftly and effectively when crises arise. As Kyung put it, “We may not predict what’s coming, but we can be ready for whatever it is.” Conclusion In today’s volatile market, insurers must embrace both technological advancements and creative product design to navigate the evolving risk landscape. By doing so, they can enhance stability, build consumer trust, and be prepared for future challenges.

Read More
Categories
Try your instant quote
Click here to proceed