SIM Report: Northeast Asia, Issue 5

JAPAN: ELEVATED CYBERSECURITY THREATS DURING TOKYO GAMES HIGHLIGHT NEED FOR ROBUST CYBER DEFENCES

The Bank of Japan (BOJ), the country’s central bank, on 31 January said that the island nation’s financial institutions must protect themselves against cyberattacks ahead of the July 2020 Tokyo Olympic Games. According to a BOJ survey, almost 40 per cent of banks and other companies have faced breaches throughout the past three years, though 60 per cent of the 402 financial institutions surveyed said they lacked cyber security personnel. The BOJ’s announcement follows the government’s assembly on 27 January of a set of emergency cybersecurity-linked proposals ahead of the games. These include the singling out of devices using Internet of Things (IoT) technology that could be breached, and the prompt reporting of cyberattacks after they take place.

The proposals were likely in response to the public security intelligence agency’s warning in early January that state-backed cyberattacks on the games are to be expected, following the discovery of phishing emails impersonating Olympics staff. Though it is unclear who conducted the attacks, AI research firm Antuit suspects that China was involved. The appeal for timely reporting of breaches is likely in response to defence, infrastructure, and electronics company Mitsubishi Electric Corporation’s announcement on 20 January that it had been targeted in an extensive cyberattack that was initially discovered in June 2019. State-sponsored cyberattacks on the Olympic Games have intensified over the past few games, with 250 million cyberattacks on the 2012 London games and 500 million attacks on the 2016 Rio games. Hackers aim to cause disruption or exfiltrate personal data for monetary gain. Disruption may include interruption to on-site cellular phone access or power supplies, as well as hijacking of Olympic communications infrastructure and digital displays to broadcast propaganda or fraudulent emergency messages aimed at spreading panic, according to cyber experts. Depending on the severity of the situation around Covid-19 (formerly novel coronavirus, or 2019-nCoV) by July, such messages could, include misinformation about the threat of the pathogen. Cashless payments may also be targeted over the games, especially as Visa will be offering such options across the country, including the Olympic Village and other venues. Hackers in July 2019 targeted 900 customer accounts of convenience store 7-Eleven Japan’s 7Pay app, which had introduced a mobile payments feature, to carry out USD500,000 worth of purchases. The attack resulted in 7-Eleven Japan disabling the payments tool. Experts say that it is nearly impossible to entirely prevent cyberattacks, so the focus should be in mitigating their impact. In line with this thinking, the Japanese government and firms have taken steps to protect critical transportation and communication networks.

State-backed attacks on the Tokyo Games are particularly likely by Russian hacker groups such as Strontium (also known as APT28 or Fancy Bear), due to strained relations between Tokyo and Moscow over issues such as the disputed Kuril Islands and Russia’s ban on participating in the games over alleged doping. Strontium disrupted the 2018 Pyeongchang Winter Olympics in South Korea by using malware to seize servers and approximately 300 computers to hack partner companies and the organising committee. The attack caused failures in the internet and television at the main press centre, Wi-Fi outages in the stadium, and the event’s official website to go offline for 12 hours. Microsoft in October 2019 also announced that Strontium had targeted at least 16 multinational anti-doping and sporting organisations as of September 2019. Their cyberattacks involved the use of malware, exploitation of internet-connected devices, password spray, and spear-phishing, though experts say that ransomware may also pose a significant threat to the Tokyo Games. According to cyber experts, suppliers, subcontractors, and sponsors with less secure networks are also likely to be targeted, in addition to the government, organisers, and businesses involved in critical infrastructure.

WANT TO READ MORE ANALYSIS IN THIS LATEST SIM EDITION...

JAPAN: COVID-19 THREATENS TOKYO GAMES, UNDERSCORING EXTENSIVE DISRUPTION CAUSED BY THE PATHOGEN   

SOUTH KOREA: PORTS AND SHIPPING INDUSTRY DISRUPTED BY COVID-19 OUTBREAK