Japan prepared for hacking efforts by establishing a white hat hacking team in order to prevent and combat cyberattacks

Jul 26, 2021 15:40 GMT  ·  By

Tokyo 2020 Olympic Games event volunteers and ticket holders' credentials were allegedly stolen after a data breach, according to a statement last week from a Japanese government official, says Computer Weekly.

According to an official, who spoke on the condition of remaining anonymous, the stolen credentials were sent to volunteer websites. Despite the fact that the data breach scale was not substantial, measures were being taken to prevent the dissemination of the affected information in the future.

The Japanese government has been gearing up for a broader offensive than the one launched against the Rio de Janeiro and London Olympics. It has been working with the Tokyo 2020 organizing committee on cybersecurity exercises such as Cyber Colosseum that would simulate possible attacks in urban and rural areas.

In order to avoid cyberattacks, Japan formed a white hat hacking squad 

Earlier this year, 220 white hat hackers from Japanese ICT firms such as NTT and NEC were also trained in a security training program created by the IT National Institute of Japan. In an assessment of Japan's Tokyo 2020 cybersecurity plan released February 2021, Mihoko Matsubara, chief cybersecurity strategist at NTT, said the coronavirus epidemic has complicated methods of securing the event physically and digitally.

With over 90% of Tokyo 2020 attendees working from home to avoid infection with Covid-19, Matsubara said it is important to protect infrastructure related to Tokyo 2020, such as power, transportation, sites, and remote working conditions.

The International Olympic Committee claimed it was frequently attacked in Rio 2016. Phishing emails were also directed at athletes to steal credentials that could be used to access a World Anti-Doping Agency database. Threat actors looking to capitalize on the occasion have traditionally targeted the Olympic Games. During London 2012, 6 significant cyberattacks were recorded, including 40-minute DDoS attacks on electricity infrastructure. Cybercriminals have also taken to social media at certain times to carry out similar attacks.