Cyber experts warn of ransomware risks during Tokyo Olympics

Should the Summer Games face a cyberattack, the losses would be significant.

The five-ring symbol of the Olympic Games in Tokyo, Japan.

It might be assumed that with the ban on physical spectators at the postponed 2020 Tokyo Olympics, the level of risk stemming from this global event — particularly the spread of COVID-19 — has diminished, but cyber experts warn of a different risk: cyber. Fears of telecom disruptions and ransomware attacks are founded, and the damage that could be caused has increased with the reliance on technology to broadcast the Games, which kicked off on July 23rd. Experts say insurers could face potentially massive losses based on the high-risk factors.

Organizers have said that they are prepared for the kind of cyberattack that temporarily paralyzed IT systems ahead of the official opening ceremonies of the 2018 Pyeongchang Winter Olympics in South Korea.

“I think Japan is prepared for what happened in South Korea in 2018, but the landscape for cyberattacks has shifted so they can only be prepared for what they’ve seen in the past but maybe not for the next iteration of it,” Robert Behny, senior director of cyber data and partnerships at Verisk, told PropertyCasualty360. He added that “The best preparation that they can do ensure they have a solid foundation — software patching and system backups.”

COVID-19 has forced the world to transition to a digital state faster than expected. Japanese officials have even said they are utilizing technology such as facial recognition systems to monitor volunteers. A cyberattack on a broadcast or streaming network used by the Olympics may spell disaster as attackers could have hacked the IT infrastructure over a year ago when it was originally planned to be used.

While Japan has shown that they have been busily working on cybersecurity defenses over the past several years, Bethany Vohlers, senior manager for cyber solutions at Verisk, said: “In a lot of ways, the actors are always one step ahead of where the rest of the industry is. And that’s coming from the fact that they are largely typically nation-state attacks that are heavily funded. It can be an act of war, but it’s really a tool. And so there’s always going to be this appetite in the cybercrime world…to try and disrupt these sorts of events.”

Although Japan is ranked as low-risk by insurance and risk management firms, giving it a stellar reputation as a safe place to visit, the nation cannot afford to become too complacent.

With spectators having to watch the Games virtually, it means purchasing tickets with banking information and logging in to a website account to print tickets and watch the Games. If there’s an attack on the Olympics, disruptions to the virtual supply chain could impact companies supporting the Olympic Games and even virtual spectators.

With the absence of in-person attendance, the event is going to be very reliant on technology to stream or to save content, Behny said.

“That high technology reliance means that you’re going to have third parties of the Olympics officiants and fourth parties supporting that type of technology to stream content and to save the content for later viewing,” he added.

Even at-home spectators face risks

The organizers of the Olympics aren’t the only ones who should be vigilant. Suppliers and spectators must take action to protect themselves and those they are connected to. In addition to malware, there’s also the possibility of ransomware attacks, so what can companies expect if they’re targeted?

“I think all the suppliers, if you’re not the Olympic committee who’s actually putting on the show, you’re probably a target for ransomware,” Behny said. He added that if a threat actor can take you down and make you pay as a ransom or extortion, they achieved their goal because their criminal organization gets paid. But for the Olympic organizing team, threat actors want to have a media blackout so the Games can’t be produced.”

Behny warns spectators to be cognizant of phishing emails, so, if they get emails, they need to know if it’s a legitimate email from the Olympics or one from a streaming provider that they actually trust and shouldn’t click links that they don’t trust because it could have malicious attachments. “It’s the typical…good hygiene, good citizen of email etiquette,” he said, adding, “Pay attention to what you’re opening. Pay attention to what you’re clicking. The malware that would come from that could be a myriad of things.”

“I think, generally, the interest will be around some forms of cybercrimes, said Vohlers. “So trying to steal banking credentials or PII. I know that there is an Emotet malware for a while in Japan as well, which has really made a resurgence not too long ago and that actually helps steal banking credentials when you log into accounts.” She added that scams around just general ticketing to try to get that banking information, fraudulent websites, payment card theft, as well as phishing attacks, are also possible.

“And I think the one other thing to mention is really the potential disruption that spectators might face around potential hacks with the supply chain again, so thinking about wifi networks being impacted, I believe even hotels, if they’re impacted, that would impact those who are attending the event,” she noted.

‘A business interruption element’

Attacks will not just impact the top of the Olympic Games because other systems are attached to them, so even if an attack is just targeted at the Olympics, it could still spread everywhere else because the networks are connected. Ransomware tries to spread like a worm, and its spreads very quickly, so systems that are connected could be impacted even if it was not the intent of the threat actor.

Vohlers said what we need to be looking at is disruption — “sort of just a business interruption element.” She added that when it comes to ransomware, extortion has been increasing and becoming more targeted attacks and certainly in high-profile events like the Olympics. “The desire to recover from an attack might be greater than going through the whole remediation process,” she said.

There is a lot of money at stake. Should the Olympics be attacked, the losses would be great. The insurance industry is a stakeholder in major events like the Olympics and could encounter huge losses, considering that claims and liability could be impacted. A Reuters report revealed that the International Olympic Committee (IOC) typically takes out around $800 million of coverage for each Summer Olympics.