Search This Blog

Showing posts with label Olympics. Show all posts

Olympic Ticket Data Leaked, Says Japanese Government

 

Following a breach, user IDs and passwords for the Tokyo Olympic ticket gateway were released on a leak website, a government official told Kyodo News on Wednesday. The leak was "not huge," according to the source, but the IDs and passwords might provide someone access to a person's name, address, bank account information, and other personal information. 

The government source, who spoke on the condition of anonymity, said the organizing body for the Games has initiated an investigation. The hack reportedly includes the names, addresses, and bank account information of individuals who purchased Paralympic tickets, as well as a volunteer portal. They did not specify how many accounts were compromised. The leak was revealed as Japanese musician Keigo Oyamada resigned this week from the team producing Friday's Olympic opening ceremony after admitting to previously bullying and abusing children with disabilities, and as organizers struggle to turn public opinion in their favor in the wake of the coronavirus pandemic. 

Some people on the internet denied the accusations of a breach. "There are no postings on any of the forums demonstrating direct information leaks," Twitter user pancak3 said after finding accounts for those registration sites on Dark Web markets. He went on to say that the data was not stolen as a consequence of a breach, but rather as a result of attacks using the RedLine virus and other data thieves. 

The announcement came just one day after the FBI issued a private industry alert warning organizations working with the Tokyo 2020 Summer Olympics to prepare for a wave of "DDoS attacks, ransomware, social engineering, phishing campaigns, or insider threats to block or disrupt live broadcasts of the event, steal and possibly hack and leak or hold hostage sensitive data, or impact public or private digital infrastructure supporting the Olympics."

"Malicious activity could disrupt multiple functions, including media broadcasting environments, hospitality, transit, ticketing, or security," the FBI notice said on Tuesday. "The FBI to date is not aware of any specific cyber threat against these Olympics, but encourages partners to remain vigilant and maintain best practices in their network and digital environments." 

The notice goes on to mention the Pyeongchang cyberattack, which occurred during the 2018 Winter Olympics in Pyeongchang, South Korea, during which Russian hackers used the OlympicDestroyer malware to disrupt web servers during the opening ceremony. According to the notice, the hackers "obfuscated the true source of the malware by emulating code used by a North Korean group, creating the potential for misattribution." Six Russian intelligence operatives were indicted by the Justice Department in October for the attack on the Pyeongchang Winter Olympics.

UK National Cyber Security Centre Reveals Russia’s Plan to Disrupt Tokyo Olympics

 

The UK National Cyber Security Centre recently revealed that in an attempt to completely disrupt the 'world's premier sporting event' the Russian military intelligence services were coming up with a cyber-attack on the Japanese-facilitated Olympics and Paralympics in Tokyo. 

The Russian cyber-reconnaissance work covered the Games organizers, logistics services, and sponsors and was in progress before the Olympics was delayed due to Covid-19. 

The proof is the first indication that Russia was set up to venture as far as to disrupt the summer Games, from which all Russian competitors had been prohibited on account of diligent state-sponsored doping offenses. 

The Kyodo news agency said a senior Japanese government official had specified that Tokyo would think about housing a protest with Moscow if cyber-attacks were affirmed to have been carried out by Russia. 

Japan's chief government spokesman, Katsunobu Kato, said the country would do all that is conceivable to guarantee that the postponed Games would be liberated from any and every cyber-attacks. 

“We would not be able to overlook an ill-intentioned cyber-attack that could undermine the foundation of democracy,” Kato stated, including that Japanese authorities were gathering data and would keep on imparting it to other countries. 

The UK government announced with what it reported with 95% certainty that the disruption of both the winter and summer Olympics was carried out distantly by the GRU unit 74455. 

In PyeongChang as well, as indicated by the UK, the GRU's cyber unit endeavored to camouflage itself as North Korean and Chinese hackers when it focused on the opening ceremony of the 2018 winter Games, smashing the site to stop spectators from printing out tickets and crashing the WiFi in the arena. 

The key targets additionally included broadcasters, a ski resort, Olympic officials, services providers, and sponsors of the games in 2018, which means the objects of the attacks were not simply in Korea.

The foreign secretary, Dominic Raab, stated: “The GRU’s actions against the Olympic and Paralympic Games are cynical and reckless. We condemn them in the strongest possible terms.” 

Included later that, “the UK will continue to work with our allies to call out and counter future malicious cyber-attacks.” 

These allegations of the UK are believed to be a part of an endeavor to disrupt Russia's cybersecurity threat through maximum exposure and stop any interruption of a rescheduled summer Games next year.

Russia-linked hackers Fancy Bears leak data from International Luge Federation

A Russia-linked hacker group called “Fancy Bears” released a statement on Wednesday claiming to have leaked emails and documents that demonstrate violations of anti-doping rules, just two weeks before Winter Olympics 2018.

“The obtained documents of the International Luge Federation (FIL) show the violations of the principles of fair play: widespread TUE approvals, missed anti-doping tests and the double standards approach towards guilty athletes,” read the report.

This is the same group that was implicated in the 2016 Democratic National Committee (DNC) hack, and is also known by the names “Pawn Storm” or “APT 28”.

This is believed to be in response to Russia’s ban from the 2018 Winter Olympics following the controversy in the 2016 games where the same group is believed to have been responsible for the hack that leaked sensitive athlete data stolen from the World Anti-Doping Agency (WADA), which too was in response to the organization’s recommendation to ban Russian athletes from the 2016 games in Rio over allegations of state-sponsored doping.

The hacking group’s “About Us” on their website reads, “We are going to tell you how Olympic medals are won. We hacked World Anti-Doping Agency databases and we were shocked with what we saw.”