FBI warns cybercriminals are set to target the Olympic Games
The FBI has warned that hackers and other threat actors will look to target the Olympic Games this month.
The games have just begun in the Japanese capital Tokyo with billions of people around the world set to tune in to the action after a year’s delay due to the pandemic.
However this huge audience also potentially makes for rich pickings for hackers, and despite the lack of any overwhelming evidence to suggest a cyber-attack on the Games itself, the FBI has still urged companies and consumers alike to be on their guard.
In a ‘private industry notification‘ issued ahead of the Games, the US intelligence service warned that the Olympics could be targeted by any number of possible attacks, including distributed denial of service (DDoS) attacks, ransomware, social engineering, phishing campaigns, or insider threats.
The agency warned that such attacks could try to block or disrupt live broadcasts of the event, steal and possibly hack and leak or hold hostage sensitive data, or attack and impact public or private digital infrastructure supporting the Olympics.
“Malicious activity could disrupt multiple functions, including media broadcasting environments, hospitality, transit, ticketing, or security. The FBI to date is not aware of any specific cyber threat against these Olympics, but encourages partners to remain vigilant and maintain best practices in their network and digital environments,” the FBI notice added.
“The FBI to date is not aware of any specific cyber threat against these Olympics, but encourages partners to remain vigilant and maintain best practices in their network and digital environments.”
The FBI’s warning comes shortly after Japanese tech giant Fujitsu, which is supplying a number of services for the Olympics, was targeted by a major cyberattack earlier this year, suffering a data breach from several of its corporate and government clients, including the Tokyo 2020 Organizing Committee and the Japanese Ministry of Land, Infrastructure, Transport, and Tourism.
Members of the organizing committe of the Olympics were also targeted in a seperate attack in June 2021, with data including the names and affiliations of the individuals, who were linked with roughly one hundred organizations that are involved in hosting the sporting event, leaked online.
The agency’s warning also noted that in 2018 it indicted Russian cyber actors after the opening ceremony of the 2018 PyeongChang Winter Olympics was hit by a cyberattack, with South Korean citizens and officials, Olympic athletes, partners, visitors, and International Olympic Committee officials also targeted with spearphishing campaigns and malicious mobile applications.
In order to mitigate the effects of any potential cyberattacks, the FBI is urging service providers and partners to ensure their cyber protection is fully patched and up to date with the latest upgrades.
It also encouraged the monitoring of networks due to the large amount of VPN usage expected around the Games, and implementing multi-factor authentication on all VPN connections.
The FBI adds that it “does not recommend paying ransoms” for any organisations hit by ransomware attacks, noting that, “payment does not guarantee files will be recovered and may embolden malicious cyber actors to target additional organizations, encourage other criminal actors to engage in the distribution of malware, and/or may fund illicit activities”, instead asking victims to report any attacks immediately.