fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics

FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics

The Federal Bureau of Investigation (FBI) warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered.

“The FBI to date is not aware of any specific cyber threat against these Olympics, but encourages partners to remain vigilant and maintain best practices in their network and digital environments,” the US intelligence service said in a private industry notification issued on Monday.

Also Read: When to Appoint a Data Protection Officer

As the FBI explains, attacks coordinated by criminal or nation-state threat actors targeting the Tokyo 2020 Summer Olympics could involve distributed denial of service (DDoS) attacks, ransomware, social engineering, phishing campaigns, or insider threats.

Such attacks could disrupt or even block live broadcasts of the event, exfiltrate sensitive data before encrypting or after hacking into IT systems, or impact digital infrastructure supporting the Olympics.

The attackers’ end goal would likely be to “make money, sow confusion, increase their notoriety, discredit adversaries, and advance ideological goals.”

This year’s Summer Olympics come with an increased potential to attract additional attention from malicious actors, given that they are the first to be viewed exclusively via digital platforms or TV broadcast, as required by COVID-19 pandemic restrictions.

On at least one occasion, data belonging to the Tokyo 2020 Organizing Committee was already compromised this year.

“In late May 2021, Japanese information technology equipment and service company Fujitsu disclosed a breach that compromised data from several of its corporate and government clients, including the Tokyo 2020 Organizing Committee and the Japanese Ministry of Land, Infrastructure, Transport, and Tourism,” the FBI said.

Tokyo 2020 Summer Olympics already used as phishing lures

In December 2019, Tokyo 2020 Summer Olympics staff already issued warnings alerting of phishing campaigns impersonating the Tokyo Organizing Committee of the Olympic and Paralympic Games (Tokyo 2020).

That was not the first time attackers have targeted the Tokyo 2020 Olympics, as both American and Japanese recipients were being picked as potential targets of a phishing campaign in September 2019.

According to a KYODO NEWS report, the attacks were uncovered by threat intelligence outfit Antuit while monitoring a hacker group in discussions on the dark web.

“Looking at their dialogue, there is a high possibility that the hacking group is of Chinese origin,” Antuit’s Japanese branch VP Shuhei Igarashi said.

Olympics directly targeted before

Last year, the US Department of Justice charged six Russian Main Intelligence Directorate (GRU) intelligence operatives believed to be part of the Russian-backed hacking group known as Sandworm for hacking operations targeting the Pyeongchang Winter Olympics.

Between December 2017 through February 2018, they coordinated spear-phishing campaigns and developed malicious mobile applications targeting South Korean citizens and officials, Olympic athletes, partners, visitors, and International Olympic Committee (IOC) officials.

They were also indicted for hacking into computers supporting the 2018 PyeongChang Winter Olympic Games, culminating with the February 2018 destructive malware attack against the Olympics opening ceremony, using malware known as Olympic Destroyer.

“The Russian actors obfuscated the true source of the malware by emulating code used by a North Korean group, creating the potential for misattribution,” the FBI said.

The direct result of this destructive attack was failing Internet and television systems used by on-site journalists reporting the opening ceremony.

In light of these previous incidents, the FBI suggests “reviewing or establishing security policies, user agreements, and patching plans to address current threats posed by malicious cyber actors.”

The US security service also shared a list of best practices that would mitigate or even block potential attacks against 2020 Tokyo Summer Olympics’ officials or IT infrastructure.

Also Read: 4 Things to Know When Installing CCTVs Legally

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us