The authorities of the Tokyo 2020 Summer Olympics recently issued a warning about an ongoing phishing campaign. It’s said that the suspicious emails are designed to look like they’re coming from the Tokyo Organizing Committee of the Olympic and Paralympic Games 2020.
The international multi-sport event is scheduled for next year between 24 July and August 9. 2020 in Tokyo, Japan. The authorities stated that the phishing emails will redirect the recipients to fake websites or infect their computer systems with malware if opened.
“We have recently detected emails disguised to look like they are coming from a Tokyo 2020 staff member. Although the email may look official and legitimate, if you have no reason to receive such an email or if the content is questionable, you should not click on the link or open any attached files. It is highly likely that you would be directed to a phishing site or your computer would be exposed to a virus,” the authorities said in an official statement.
“If you receive a questionable email, do not click on the link or open the attached file. Please delete the email immediately,” the statement added.
“Strontium” Targets Sporting Organizations
According to Microsoft’s Threat Intelligence Center report, a group of state-sponsored Russian hackers targeted nearly sixteen International Sporting and Anti-Doping organizations ahead of the 2020 Summer Olympics in Tokyo.
Microsoft stated the attacks are linked to a Russian hacking group “Strontium,” also known as Fancy Bear or APT28, which is believed to be linked to Russian military intelligence agency GRU and has been active since 2007.
The tech giant revealed that the methods used in recent attacks are similar to those previously used by Strontium to target government organizations, think tanks, militaries, law firms, human rights organizations, and financial firms across the world. It’s said that the Strontium group launched a variety of attacks, including spear-phishing, exploiting internet-connected devices, and password spraying.
In order to avoid any kind of cyber threats during the 2020 Olympic and Paralympic Games, the Japanese government had also introduced a new cybersecurity strategy in 2018. As a part of the strategy, the government planned to create a new body to ensure effective coordination among government agencies, the Olympic organizing committee, municipalities, and business operators to respond to cyber threats.
The government had also decided to introduce a five-level scale to classify the severity of cyber-attacks. The severity index categorizes the cyber-attacks into five levels: the lowest level 0 indicates “No Impact” while the highest level 4 indicates “Extremely Grave Impact.” The index would be helpful for people, government, and business entities to understand the magnitude of threats and take necessary actions.