{"id":888,"date":"2021-12-01T12:08:00","date_gmt":"2021-12-01T12:08:00","guid":{"rendered":"https:\/\/dev.cryptoloc.au\/?p=888"},"modified":"2023-10-03T06:16:39","modified_gmt":"2023-10-03T06:16:39","slug":"threat-level-olympics-how-many-cyber-attacks-were-attempted-on-the-tokyo-games","status":"publish","type":"post","link":"https:\/\/127.0.0.1\/threat-level-olympics-how-many-cyber-attacks-were-attempted-on-the-tokyo-games\/","title":{"rendered":"Threat Level: Olympics \u2013 How many cyber attacks were attempted on the Tokyo Games?"},"content":{"rendered":"\n<p>In the latest episode of the \u2018Jamie Versus The Hack\u2019 podcast, we break down how the Tokyo Olympics were protected from an unprecedented onslaught of cyber attacks.&nbsp;<\/p>\n\n\n\n<p>The Tokyo Olympics were a triumph of digital logistics. For the first time, no spectators sat in the stands as the world\u2019s best athletes competed \u2013 instead, the world was watching from home, online and on their smartphones.&nbsp;<\/p>\n\n\n\n<p>But hosting the most digital Olympics ever brought with it a slew of challenges \u2013 about 450 million of them, in fact.<\/p>\n\n\n\n<p>This episode, Dirk Hodgson \u2013 the Director of Cybersecurity at telco NTT, entrusted with providing critical communication services for operating the Games \u2013 schools Cryptoloc Founder and Chairman Jamie Wilson and our resident Hack on what it takes to protect the Olympic Games from hackers.&nbsp;<\/p>\n\n\n\n<div style=\"width: 100%; height: 200px; margin-bottom: 20px; border-radius: 6px; overflow:hidden;\"><iframe style=\"width: 100%; height: 200px;\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https:\/\/player.captivate.fm\/episode\/62e8dcba-34f9-4886-9bc1-51fcd087849b\"><\/iframe><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">The challenge&nbsp;<\/h3>\n\n\n\n<p>As an Olympic and Paralympic Games Tokyo 2020 Gold Partner, NTT was tasked with providing telecommunications services for the Games, as well as network security for those services and various cybersecurity measures.<\/p>\n\n\n\n<p>They provided a broadcasting network to connect the 43 Games venues with the Tokyo Big Sight that served as an International Broadcast Centre (IBC), as well as various systems for safely running the event and data network services for the system to release game results to the media, supporting steady operation of the event.<\/p>\n\n\n\n<p>\u201cI like to think of NTT as the world\u2019s largest company that nobody in Australia has ever heard of,\u201d Dirk says. \u201cWe\u2019re actually very famous in Japan, which is where we come to the topic of the Olympics, but NTT is one of the world\u2019s largest telcos, and we also have a technology services delivery company, which is where I fit into the picture.\u201d<\/p>\n\n\n\n<p>In total, there were 450 million attacks at hacking the Games \u2013 more than twice the number of attacks seen during the 2012 London Olympics.&nbsp;<\/p>\n\n\n\n<p>\u201cThe Olympics have always been targeted,\u201d Dirk says. \u201cThey\u2019re a big public event. They attract people who want to take a closer look at it \u2013 perhaps for profit, perhaps for a whole range of other reasons. But certainly the uptick in attacks against Tokyo, compared to, say, London and other Olympics that came before, was very significant.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Faster, Higher, Stronger&nbsp;<\/h3>\n\n\n\n<p>Incredibly, none of the 450 million attacks were successful, and the Games went off without a hitch.&nbsp;<\/p>\n\n\n\n<p>The attacks included Emotet malware, email spoofing and phishing, and fake websites made to look like they were associated with the Olympics.&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/group.ntt\/en\/newsrelease\/2021\/10\/21\/211021a.html\">NTT\u2019s approach to protecting the event<\/a>&nbsp;involved ongoing threat intelligence monitoring and analysis.&nbsp;<\/p>\n\n\n\n<p>\u201cYou have to remember that the infrastructure at the Olympics is fundamentally different to what you\u2019d have in an office building,\u201d Dirk says.&nbsp;<\/p>\n\n\n\n<p>\u201cOne example is the sailing\u2026 NTT and a number of our partners actually installed, quite literally, a 55 metre long floating 12K TV out in the water, so people could be standing on the sideline or watching via streamed video and see the sailing that was happening on that very large, very high quality TV.&nbsp;<\/p>\n\n\n\n<p>\u201cAll of the feeds were coming from the boats themselves, as well as a fleet of drones that were flying above the sailing event, so you\u2019ve got all of these different things happening, which just creates a whole range of [surfaces] that bad guys can attack.&nbsp;<\/p>\n\n\n\n<p>\u201cSo on the one hand, they might go for a phishing attack. They might get somebody to click a link. But on the other hand, when they look at, say, trying to take those drones out of the air, there could be a whole other way of doing that. It might be a denial-of-service attack, it might be a range of other types of attack at that point.<\/p>\n\n\n\n<p>\u201cWhat you need to do is really look at what the risks are in the environment, but you also need to establish visibility of the environment. It doesn\u2019t take a rocket scientist to work out that the Olympics are a temporary event, so there\u2019s a whole lot of new IT that turns up literally on the back of trucks to get set up for the Olympics, and then it goes away afterwards.<\/p>\n\n\n\n<p>\u201cA big part of it was making sure that all of that had telemetry on it, so it could be tracked in security operation centres\u2026 making sure that you can see everything that happens is really important. Understanding the risk is really important. That\u2019s why NTT, over the years, has invested heavily in making sure we know what\u2019s happening in \u2018Bad Guy Land\u2019, and making sure that we can see the threats out there and we can help our customers to protect against those.&nbsp;<\/p>\n\n\n\n<p>\u201cUltimately, that threat intelligence stood us in good stead for the Olympics, to make sure that we could see the attacks and categorise those attacks quickly.\u201d<\/p>\n\n\n\n<p>NTT also employed an expert team of over 200 cybersecurity specialists as part of its complete security solutions package.&nbsp;<\/p>\n\n\n\n<p>\u201c[It took] a combination of smart technology and smart people,\u201d Dirk says. \u201cNTT had 200 people working on this at any one time\u2026 but even with that many people, you were never going to be able to see everything. I mean, 200 people, 450 million attacks, it just doesn\u2019t add up.<\/p>\n\n\n\n<p>\u201cThe important thing here is that you\u2019ll never have enough people in this game. It\u2019s an asymmetric threat \u2013 as a bad guy, you can launch attacks willy-nilly, and you only have to have one get through to be completely successful. On the defence, you need to be sitting there all day, every day, defending against each and every one, and if a single one gets through, you\u2019re in all sorts of trouble.<\/p>\n\n\n\n<p>\u201cSo you\u2019ve got to have the right algorithms in place, and you have to have all of the data coming back so you can analyse it accordingly, and then it\u2019s the people plus the technology that make the difference.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Et tu, 2032?&nbsp;<\/h3>\n\n\n\n<p>Dirk says that by the time the Olympics return to Australia in 2032, the cybersecurity landscape could look drastically different.&nbsp;<\/p>\n\n\n\n<p>\u201cWe\u2019re still 11 years away from Brisbane 2032,\u201d he says. \u201cI mean, take yourself back 11 years and think about what was different. iPhones and Android phones were only a couple of years old back then. That\u2019s how far in the future this is. I think technology and cyberattacks are already changing so quickly that it\u2019s impossible to say, \u2018Here\u2019s what we should expect in that period of time\u2019.<\/p>\n\n\n\n<p>\u201cI do think the threat isn\u2019t going away. It\u2019s going to be&nbsp;<em>something<\/em>. There\u2019s going to be some degree of people who are trying to profit, people who are trying to disrupt, and perhaps people who are just trying to have fun by attacking the next Olympics.&nbsp;<\/p>\n\n\n\n<p>\u201cWhat I think we, in the industry, need to do is make sure that we\u2019re working with all of the stakeholders to give the best possible consumer experience and the best possible spectator experience in the safest possible way with whatever technology happens to be available at the time.\u201d<\/p>\n\n\n\n<p><strong>Hear more from Dirk on&nbsp;<\/strong><a href=\"https:\/\/player.captivate.fm\/episode\/62e8dcba-34f9-4886-9bc1-51fcd087849b\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>this week\u2019s episode of the \u2018Jamie Versus The Hack\u2019 podcast<\/strong><\/a><strong>.<\/strong><\/p>\n\n\n\n<p><strong>Each episode, Cryptoloc Founder and Chairman Jamie Wilson takes our clueless Hack through the terrifying aspects of what happens when business\u2019 cyber and data security is breached, often with devastating consequences. Through case studies, expert guests and more, Jamie will build our Hack into a cybersecurity guru.&nbsp;<\/strong><a href=\"https:\/\/cryptoloc.com\/podcast\"><strong>Listen here<\/strong><\/a><strong>&nbsp;or subscribe on Spotify or Apple Podcasts.&nbsp;<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the latest episode of the \u2018Jamie Versus The Hack\u2019 podcast, we break down how the Tokyo Olympics were protected from an unprecedented onslaught of cyber attacks.&nbsp; The Tokyo Olympics were a triumph of digital logistics. For the first time, no spectators sat in the stands as the world\u2019s best athletes competed \u2013 instead, the [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":1095,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/888"}],"collection":[{"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=888"}],"version-history":[{"count":2,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/888\/revisions"}],"predecessor-version":[{"id":1136,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/888\/revisions\/1136"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/media\/1095"}],"wp:attachment":[{"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=888"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=888"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=888"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}