The total number of security events that were blocked during the Tokyo 2020 Olympic Games, including unauthorised communications to the official Web site, numbered a staggering 450 million.
This was revealed by NTT Corporation, which provided telecoms services, network security and various cyber security measures for the Tokyo 2020 Olympic and Paralympic Games.
When monitoring both the Olympics systems, including the network, official Web site and mobile app, and the external environment, in addition to the disinformation sites or fake Web sites found, several DDOS and service disruption-related attacks were also identified.
Shinichi Yokohama, CISO of NTT, says he believes some of the attacks might have been carried out by APT groups. “NTT analysed where any suspicious attacks came from. However, we cannot identify specific APT groups or nation-states. Also, the apparent origin of an attack, as you know, does not mean the attackers were actually physically there, in any case.”
Operating the games
NTT provided critical communication services for operating the Games, including a broadcasting network to connect venues with the Tokyo Big Sight that served as an International Broadcast Centre (IBC), as well as various systems for running the event and data network services for the system to release game results to the media.
In addition, NTT built the LAN for the venues, including the 43 Games venues, IBC, the Main Press Centre and the Olympic Village, providing various communication services including distributing videos and land lines to associates. All Games venues were turned to 5G mobile networks, whose commercial services had started in 2020 in Japan.
NTT staff supporting telecoms services for the Games numbered 650 at the Games venues, 350 at the Technology Operations Center and another 90 at the Security Operations Center.
During the Games, unauthorised communications targeting vulnerabilities in terminals were observed, but the telco says it responded by blocking the communications.
A successful defence
NTT believes the successful defence of the Games can be attributed to several factors.
Firstly, to threat intelligence and monitoring. “Drawing on the lessons learned from the large-scale international events (malware attacks, operational information stealing, APT attacks) to date, we have strengthened our crisis management by strengthening the collection and monitoring of threat information from the Tokyo 2020 Games network system and general external information,” the company said.
Next, in response to the complexity of the ICT environment at the Tokyo 2020 Games, NTT maintained a "cyber hygiene" environment by adopting a whitelist (enumerating only possible communication protocols) format, and implemented its security solutions.
Through a training program and repeated verification of simulated attacks, the team members were able to grasp the complexity of the Tokyo 2020 Games ICT environment and raised awareness of preventive maintenance.
Takeshi Tachi, executive director of Technology Services, Tokyo 2020 Organizing Committee of the Olympic and Paralympic Games, said during the event, there was global co-operation to conduct monitoring, information gathering, and incident response.
“Due to our proactive defence approach, including early implementation of an information security management system, custom architecture design, countermeasure reviews including field exercises and security audits, and global collaboration, there were no successful breaches of these Games,” he added.
Share