Sunday, December 5, 2021

What Cybersecurity Will Look Like For The 2022 Olympic Winter Games

 


I remember when growing up, watching the Summer Olympics was always a huge thing for me and my parents.  They really loved the opening ceremonies, and probably one of their most favorite sports to watch (as well as mine) was swimming.  It was fun to see all of the spectators on TV, cheering on their favorite athletes, and just essentially partying and having a good time.

Back then, the thoughts of Cyberattacks and even a world pandemic never crossed people’s minds.  The only fear back then was the physical one, in which people could possibly carry a weapon, such as a gun.  There was of course that one bombing, in which numerous people were injured.  

But fast forward to now, and the entire sporting venue has changed literally a world over.

The COVID19 pandemic has changed everything, even including the Olympics.  The perfect example of this were the 2021 Tokyo Olympics.  It was supposed to occur in 2020, but with the outbreak, it was rescheduled to 2021. 

But even then, there was thought of rescheduling it yet again, because of a new onslaught of COVID19 which was starting to resurface again in Tokyo.

But the country forged ahead anyways, and decided to have it, but with the caveat were that there were no spectators allowed into the venues.  Many people questioned this, and even started to ask why even bother having it? 

But the Japanese government went ahead with it anyways, and the results that were yielded from it was actually in the end a double-edged sword for the country.

For example, there was a net loss of well over $30 billion, and some even question if the country will be even able to recoup from this huge deficit.  But on the flip side, these Olympics did prove one thing:  The Cybersecurity initiatives and efforts that were undertaken were amongst the best that ever happened in any public venue setting.

The consortium of people that were responsible for planning all of this was known as the “Olympic Cybersecurity Work Group for the Cyber Threat Alliance”, or also known as the “CTA” for short. 

This particular alliance met many times up to the actual run up of the Olympics, and prepared numerous Cyber analyses and presented their findings numerous times to the higher ups of the Olympic Committee.

They even went beyond this, and actually updated their documentation and findings in real time as possible, new threat variants were emerging on the horizon.  The group heavily cautioned the Japanese government of possible Cyber attacks by nation state actors, especially as it related to data hijacking, and Deepfakes, which could have been used to launch massive Phishing campaigns. 

Other possible targets were even the Critical Infrastructure of Japan.

Since it appeared now that the Olympics could only be attended in the virtual sense by live steaming only, this would be the next possible target by the Cyberattackers.  Because of this, the Cyber vendor that was primarily responsible for the Cyber defenses of the Tokyo Olympics, NTT Communications, really then stepped up their ante.

For example, an astonishing 11,000 Wi-Fi access points were deployed, and were watched on a 24 X 7 X 365 basis in order to make sure that they were not tampered with by any means. 

Also, great efforts were also taken to protect the endpoints of these systems, as they were also favored targets as well.  The results of these massive efforts eventually paid off. 

There were no actual Cyber threats that were occurred, and it was even reported that over 450 million potential Cyber-attacks were blocked.  More details about this can be found on the link below:

https://group.ntt/en/newsrelease/2021/10/21/211021a.html

This sheer volume represents more 2.5X of the total number of Cyberattacks that took place at the London 2012 Summer Olympics.  How was NTT able to yield this kind of success?  They have attributed to the following reasons:

*Taking a holistic and proactive approach (which is exemplified by all of the reports and findings that they published and presented to the Olympic Committee);

*Constantly monitoring the Cyber threat landscape on a real time basis;

*The deployment of various SOC based services;

*Having a dedicated team of more than 200 Cyber professionals on hand, ready to act on a moment’s notice.

My Thoughts On This

Well, I have to be honest, it is great to see a Cybersecurity take such a proactive approach when it comes to fortifying the lines of defenses, and having such a great success with it. In fact, this probably the first time that I have ever written anything like this. 

But now, here is the interesting thing:  The Winter Olympic Games are supposed to happen in 2022, and of all places, in China. 

The good news here is that NTT will be the same Cyber vendor here as well, so hopefully the same rate of success will also carry over here as well.  According to their reports, there could be well over half a billion Cyber events that could take place. 

Just try to fathom that kind of number!!!  But it is important to keep in mind that NTT will have to probably reevaluate their Cyber portfolio for Beijing, because of the constantly changing threat landscape, especially with the recent rash of Ransomware attacks.

But once again, because of the recent variants of COVID19 that have also broken out, there will be no spectators allowed either at these games.  Therefore once again, live streaming will be what will primarily be used to watch the athletes. 

I am expecting that the bulk of the Cyber security measures will have to take place here, especially when it comes to the use of Deepfakes, as described earlier. 

While we are fortunate to have other means to have the Olympics, whether it is Winter or Summer, the days of seeing and watching people come together could now very well be gone.  What is the next thing to happen?  Well, the athletes could represent themselves as Avatars, and have the Olympics in the Metaverse.

No comments:

Post a Comment

How To Launch A Better Penetration Test In 2025: 4 Golden Tips

  In my past 16+ years as a tech writer, one of the themes that I have written a lot about is Penetration Testing.   I have written man blog...