Dozens of Israeli cybersecurity companies are among those securing the Olympic Games in Tokyo, an industry executive told The Jerusalem Post.
“Israel is a leading nation in the world in cybersecurity, with hundreds of companies in different spaces operating all over the world, including many big names in the field,” said Reuben Braham, vice president of marketing at CyberInt.
“I can’t divulge names for security reasons, but there are easily tens of companies involved with securing the Olympics. The problem is that if you disclose which vendors are participating, those vendors could become targets as well.”
Previous Olympics have all been the targets of heavy cyberattacks, and the Japanese government made cybersecurity a top priority years before the competition commenced last weekend, Braham said.
The opening ceremony of the 2012 Games in London was disrupted by attacks that knocked broadcasters offline, and subsequent games have had online ticket sales knocked offline, and the private medical data of competitors leaked.
“For a large event like this, cybersecurity can’t just be reactive,” Braham said. “The brunt of the efforts has to be proactive threat intelligence, identifying bad actors and mapping out strategies to mitigate risks ahead of time.”
A number of nation-states would have motives to undermine the games, most notably Russia, which has been banned from the Games for doping, North Korea and the bad actors operating there, and possibly China, which would be happy to see Japan embarrassed on a global stage, Braham said.
“There is also no shortage of activist groups that would love to hijack the Games to raise awareness for their cause,” he said. “Even within Japan, where polls have shown that 80% of people were against the Olympics happening this year due to COVID restrictions, there is chatter in the hacker forums about attacks ‘just to show them.’”
In the world of IoT (Internet of Things), where everything is connected, there are vulnerabilities everywhere, according to Yonatan Israel Garzon, CyberInt’s Cyber threat intelligence director.
“There could be DDOS denial of service attacks that hit a network with tons of traffic in order to knock it offline,” he said. “Media broadcasting stations could be targeted, or you could hit critical infrastructure, like lighting, electricity and water to cause a major disruption. It depends on the motivation of the group that is attacking.”
Other types of attacks could target private data leaks to gather sensitive information about individuals, or for criminal intent. “In addition to the nation-states and hacktivists, there are also cyber criminals looking to resell tickets illegally, show pirated broadcasts for free, and the like,” Garzon said. “These are lower-level threats to the Games, but still important issues.”
ONLINE ACTIVITY in Japan began experiencing a number of surprising new trends in the weeks leading up to the Olympics, noted Shiran Bareli, Global Security Research Manager at Imperva, a company focusing on securing the web applications layer.
“In recent weeks, we have seen three major DDOS attacks on major sites in Asia, including one last week from North Korea, which was one of the largest such attacks ever,” Bareli said. “There is reason to think they may be linked, with a bigger attack planned.”
In addition, Bareli said, the company has noticed a sharp spike in account takeover attacks, where bots are used to steal people’s passwords and identities. These types of attacks often rise around specific events, especially those with large commercial components, she noted.
“We are also seeing a sharp rise in comment-spamming bots from Russia on small- and medium-sized gambling sites, most likely related to criminal attacks by individuals,” Bareli added.
One type of threat CyberInt is less concerned about is a major ransomware attack. “These have been huge in the past few years, and we have been following how their use has evolved recently,” Braham said.
“But since the Colonial Pipeline attack in the United States several months ago, we see threat actors shying away from ransomware infrastructure attacks because they saw the kind of response that they received from the US Defense and law enforcement industries,” he said. “For nation-states, the potential political fallout from such an attack would be too great.”
CyberInt’s platform focuses on providing risk intelligence to proactively anticipate cyberattacks and defend against them. “Our technology monitors the channels and forums that hackers use on the dark web for chatter that could point to potential threats,” Braham said.
Other cybersecurity companies focus on other layers of an organization’s cyber defense strategy, with Olympics organizers often deploying multiple vendors on the same layer, he added.
“Another reason we can’t discuss which vendors are being used is that hackers could potentially use that knowledge to find a way to bypass their defenses,” he said. “Anyone along the supply chain is vulnerable.”