Threat Level: Olympics – How many cyber attacks were attempted on the Tokyo Games?
In the latest episode of the ‘Jamie Versus The Hack’ podcast, we break down how the Tokyo Olympics were protected from an unprecedented onslaught of cyber attacks.
The Tokyo Olympics were a triumph of digital logistics. For the first time, no spectators sat in the stands as the world’s best athletes competed – instead, the world was watching from home, online and on their smartphones.
But hosting the most digital Olympics ever brought with it a slew of challenges – about 450 million of them, in fact.
This episode, Dirk Hodgson – the Director of Cybersecurity at telco NTT, entrusted with providing critical communication services for operating the Games – schools Cryptoloc Founder and Chairman Jamie Wilson and our resident Hack on what it takes to protect the Olympic Games from hackers.
The challenge
As an Olympic and Paralympic Games Tokyo 2020 Gold Partner, NTT was tasked with providing telecommunications services for the Games, as well as network security for those services and various cybersecurity measures.
They provided a broadcasting network to connect the 43 Games venues with the Tokyo Big Sight that served as an International Broadcast Centre (IBC), as well as various systems for safely running the event and data network services for the system to release game results to the media, supporting steady operation of the event.
“I like to think of NTT as the world’s largest company that nobody in Australia has ever heard of,” Dirk says. “We’re actually very famous in Japan, which is where we come to the topic of the Olympics, but NTT is one of the world’s largest telcos, and we also have a technology services delivery company, which is where I fit into the picture.”
In total, there were 450 million attacks at hacking the Games – more than twice the number of attacks seen during the 2012 London Olympics.
“The Olympics have always been targeted,” Dirk says. “They’re a big public event. They attract people who want to take a closer look at it – perhaps for profit, perhaps for a whole range of other reasons. But certainly the uptick in attacks against Tokyo, compared to, say, London and other Olympics that came before, was very significant.”
Faster, Higher, Stronger
Incredibly, none of the 450 million attacks were successful, and the Games went off without a hitch.
The attacks included Emotet malware, email spoofing and phishing, and fake websites made to look like they were associated with the Olympics.
NTT’s approach to protecting the event involved ongoing threat intelligence monitoring and analysis.
“You have to remember that the infrastructure at the Olympics is fundamentally different to what you’d have in an office building,” Dirk says.
“One example is the sailing… NTT and a number of our partners actually installed, quite literally, a 55 metre long floating 12K TV out in the water, so people could be standing on the sideline or watching via streamed video and see the sailing that was happening on that very large, very high quality TV.
“All of the feeds were coming from the boats themselves, as well as a fleet of drones that were flying above the sailing event, so you’ve got all of these different things happening, which just creates a whole range of [surfaces] that bad guys can attack.
“So on the one hand, they might go for a phishing attack. They might get somebody to click a link. But on the other hand, when they look at, say, trying to take those drones out of the air, there could be a whole other way of doing that. It might be a denial-of-service attack, it might be a range of other types of attack at that point.
“What you need to do is really look at what the risks are in the environment, but you also need to establish visibility of the environment. It doesn’t take a rocket scientist to work out that the Olympics are a temporary event, so there’s a whole lot of new IT that turns up literally on the back of trucks to get set up for the Olympics, and then it goes away afterwards.
“A big part of it was making sure that all of that had telemetry on it, so it could be tracked in security operation centres… making sure that you can see everything that happens is really important. Understanding the risk is really important. That’s why NTT, over the years, has invested heavily in making sure we know what’s happening in ‘Bad Guy Land’, and making sure that we can see the threats out there and we can help our customers to protect against those.
“Ultimately, that threat intelligence stood us in good stead for the Olympics, to make sure that we could see the attacks and categorise those attacks quickly.”
NTT also employed an expert team of over 200 cybersecurity specialists as part of its complete security solutions package.
“[It took] a combination of smart technology and smart people,” Dirk says. “NTT had 200 people working on this at any one time… but even with that many people, you were never going to be able to see everything. I mean, 200 people, 450 million attacks, it just doesn’t add up.
“The important thing here is that you’ll never have enough people in this game. It’s an asymmetric threat – as a bad guy, you can launch attacks willy-nilly, and you only have to have one get through to be completely successful. On the defence, you need to be sitting there all day, every day, defending against each and every one, and if a single one gets through, you’re in all sorts of trouble.
“So you’ve got to have the right algorithms in place, and you have to have all of the data coming back so you can analyse it accordingly, and then it’s the people plus the technology that make the difference.”
Et tu, 2032?
Dirk says that by the time the Olympics return to Australia in 2032, the cybersecurity landscape could look drastically different.
“We’re still 11 years away from Brisbane 2032,” he says. “I mean, take yourself back 11 years and think about what was different. iPhones and Android phones were only a couple of years old back then. That’s how far in the future this is. I think technology and cyberattacks are already changing so quickly that it’s impossible to say, ‘Here’s what we should expect in that period of time’.
“I do think the threat isn’t going away. It’s going to be something. There’s going to be some degree of people who are trying to profit, people who are trying to disrupt, and perhaps people who are just trying to have fun by attacking the next Olympics.
“What I think we, in the industry, need to do is make sure that we’re working with all of the stakeholders to give the best possible consumer experience and the best possible spectator experience in the safest possible way with whatever technology happens to be available at the time.”
Hear more from Dirk on this week’s episode of the ‘Jamie Versus The Hack’ podcast.
Each episode, Cryptoloc Founder and Chairman Jamie Wilson takes our clueless Hack through the terrifying aspects of what happens when business’ cyber and data security is breached, often with devastating consequences. Through case studies, expert guests and more, Jamie will build our Hack into a cybersecurity guru. Listen here or subscribe on Spotify or Apple Podcasts.