450 million cyberattacks attempted on Japan Olympics infrastructure: NTT

NTT said the number of attacks was 2.5x times the number of attacks seen during the 2012 London Summer Olympics.
Written by Jonathan Greig, Contributor

The NTT Corporation, which provided wide-ranging telecommunications services and network security for the Olympic & Paralympic Games in Tokyo this summer, said there were more than 450 million attempted cyberattacks during the event in July. 

NTT officials said none of the attacks were successful and added that the games went on without a hitch. But the number of attacks was 2.5x the number seen during the 2012 London Summer Olympics.

NTT's Andrea MacLean compared the cybersecurity struggle to Harry Potter's final fight against Voldemort, calling the effort to protect the event "Herculean."

"Cybercriminals certainly saw the Games -- and its related supply chain -- as a high-value target with low downtime tolerance. After all, crime follows opportunity. And with connected stadiums, fan engagement platforms and complete digital replicas of sporting venues and the events themselves becoming the norm, there's plenty of IT infrastructure and data to target -- and via a multitude of components," MacLean said. 

She explained that NTT's approach to protecting the event included "ongoing threat intelligence monitoring and analysis, SOC services, a complete security solutions package and an expert team of over 200 cybersecurity specialists."

MacLean said among the 450 million attacks, NTT saw the Emotet malware, email spoofing and phishing, as well as fake websites made to look like they were associated with the Olympics.

"Sporting events like the Olympic Games, the Tour de France, and the Indy 500, for example, are the definition of real-time environments," MacLean said. "Once begun, there is no room for downtime. And with a highly distributed team and limited physical presence, agile technologies that can respond to any threats are critical."

NTT provided a full report on the games, noting that it provided both communication services for operating the Games and a broadcasting network to connect Games venues with the Tokyo Big Sight that served as an International Broadcast Centre. 

"NTT built LAN for the venues, including the 43 Games venues, IBC, the Main Press Center and the Olympic Village, providing various communication services including distributing videos and landlines to associates. All Games venues were turned to 5G mobile networks, whose commercial services had started in 2020 in Japan, to offer mobile phone services," NTT said, adding that they had a total of 10,000 employees supporting the event. 

"During the Games, unauthorized communications targeting vulnerabilities in terminals were observed, but NTT responded by blocking the communications."

NTT said it held multiple cybersecurity training programs and ran simulations ahead of the event to prepare its cybersecurity team. 

In its advance report released before the Games, NTT predicted that it would face nation-state cyberattacks, ransomware attacks and disinformation attacks, some of which may come from Russian, North Korean and Chinese state-sponsored threat actors. 

They noted that cybercriminals were likely to deploy Distributed Denial of Service (DDoS) attacks, ransomware attacks or attacks against critical infrastructure.

The FBI released a private industry alert before the Games, urging organizations working with the Tokyo 2020 Summer Olympics to prepare for a wave of "DDoS attacks, ransomware, social engineering, phishing campaigns, or insider threats to block or disrupt live broadcasts of the event, steal and possibly hack and leak or hold hostage sensitive data, or impact public or private digital infrastructure supporting the Olympics."

The notice went on to reference the Pyeongchang cyberattack that took place during the previous Olympics in February 2018, where Russian hackers deployed the OlympicDestroyer malware and damaged web servers during the opening ceremony.

According to the notice, the hackers "obfuscated the true source of the malware by emulating code used by a North Korean group, creating the potential for misattribution," according to the notice. In October 2020, the Justice Department indicted six Russian intelligence operatives for the attack on the Pyeongchang Games. 

Editorial standards