G2TT
来源类型Report
规范类型报告
DOIhttps://doi.org/10.7249/RR2395
来源IDRR-2395-RC
Olympic-Caliber Cybersecurity: Lessons for Safeguarding the 2020 Games and Other Major Events
Cynthia Dion-Schwarz; Nathan Ryan; Julia A. Thompson; Erik Silfversten; Giacomo Persi Paoli
发表日期2018-10-04
出版年2018
语种英语
结论

Cyber threats are a growing concern for Olympic planners, and past games hold valuable lessons for Tokyo 2020

  • The increasing dependence on technology and a proliferation of adversary tools to exploit vulnerabilities in systems and networks make the Olympic Games a target-rich environment for cyberattackers.
  • The consequences of a cyberattack on the Olympic Games include financial losses, physical harm to participants and attendees, property damage, the compromise of personal information, and damage to the host country's reputation.
  • There have been no successful large-scale, high-impact attacks on prior Olympic Games; experiences from these and other international events offer potential lessons for Tokyo 2020 planners.
  • A key characteristic of past Olympic cybersecurity planning efforts has been coordination and collaboration among a range of stakeholders, including the private sector.

Understanding Japan's cybersecurity threat landscape will help planners mitigate threats

  • The typology of threat actors revealed six types of actors with the potential to pose a risk to the Tokyo 2020 games: cyber criminals, insider threats, foreign intelligence services, hacktivists, cyberterrorists, and ticket scalpers.
  • Motivations vary with the type of actor, but a streamlined classification of profit, ideology, and revenge captures the motivations for most attacks.
  • Foreign intelligence services and other state-sponsored attackers rank at the top in terms of sophistication and level of risk to the games.
  • The risk analysis methods and threat actor typology developed for Tokyo 2020 offer a valuable basis for future research to support the cybersecurity goals of other high-profile international events.
摘要

The Olympic Games are a target-rich environment for cyberattackers, drawing athletes, attendees, and media coverage from around the world. Japan's vision to become the most advanced urban technology metropolis in the world underpinned its bid to host the 2020 Olympics, but an increasing dependence on technology with each successive Olympic Games signals a shift toward an unpredictable, complex, and contested cyber threat environment. More than ever, security planners must consider the cybersecurity threat landscape if they are to effectively mitigate threats, apportion limited resources, and host a resilient, safe, and secure Olympic Games.

,

To support the security goals of Tokyo 2020, this report characterizes the cybersecurity threats that are likely to pose a risk to the games and presents a series of policy options to guide planners and other stakeholders in addressing them. The analysis involved a risk assessment synthesizing qualitative and quantitative data on the threat landscape and lessons from prior Olympic Games. Underlying the risk assessment is a threat actor typology — a classification and ranking of a range of threats to the security of the games. A key contribution of this research is a visualization of this threat actor typology that provides an at-a-glance overview to guide Olympic security planners, computer emergency response teams, and policy- and decisionmakers as they prioritize and address cybersecurity threats in the lead-up to Tokyo 2020.

目录
  • Chapter One

    Introduction

  • Chapter Two

    Policy Context

  • Chapter Three

    The Cybersecurity Threat Landscape in Japan

  • Chapter Four

    Lessons from Prior Olympic Games

  • Chapter Five

    A Risk Assessment of Japan's Cybersecurity Landscape

  • Chapter Six

    Conclusions and Policy Options

  • Appendix A

    Methods

  • Appendix B

    Interview Protocol

  • Appendix C

    JPCERT/CC Incident Categories

主题Cybersecurity ; The Internet ; Terrorism Threat Assessment
URLhttps://www.rand.org/pubs/research_reports/RR2395.html
来源智库RAND Corporation (United States)
引用统计
资源类型智库出版物
条目标识符http://119.78.100.153/handle/2XGU8XDN/523646
推荐引用方式
GB/T 7714
Cynthia Dion-Schwarz,Nathan Ryan,Julia A. Thompson,et al. Olympic-Caliber Cybersecurity: Lessons for Safeguarding the 2020 Games and Other Major Events. 2018.
条目包含的文件
文件名称/大小 资源类型 版本类型 开放类型 使用许可
RAND_RR2395.pdf(1592KB)智库出版物 限制开放CC BY-NC-SA浏览
x1539695823280.jpg.p(4KB)智库出版物 限制开放CC BY-NC-SA浏览
个性服务
推荐该条目
保存到收藏夹
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Cynthia Dion-Schwarz]的文章
[Nathan Ryan]的文章
[Julia A. Thompson]的文章
百度学术
百度学术中相似的文章
[Cynthia Dion-Schwarz]的文章
[Nathan Ryan]的文章
[Julia A. Thompson]的文章
必应学术
必应学术中相似的文章
[Cynthia Dion-Schwarz]的文章
[Nathan Ryan]的文章
[Julia A. Thompson]的文章
相关权益政策
暂无数据
收藏/分享
文件名: RAND_RR2395.pdf
格式: Adobe PDF
文件名: x1539695823280.jpg.pagespeed.ic.sdTZoXAVT4.jpg
格式: JPEG

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。