BRUSSELS – Japan and the European Union are strengthening their cooperation on cybersecurity ahead of the 2020 Tokyo Olympic and Paralympic Games, where the city is expected to face a significant cyberthreat.
Organizers of past games faced an estimated 500 million cyberattacks during the 2016 Rio Games and 200 million at the 2012 London Games.
Cyberattacks are no longer mere “hobbies” for attackers, said Susanna Makela, a senior director of European government affairs at Microsoft, adding it has become more like a “business” as attackers are “smarter, more serious, more organized and more funded.”
The Tokyo Organizing Committee of the Olympic and Paralympic Games already suffered a potential hack in 2015, making its website inaccessible for over 12 hours. Cyberattacks are said to be getting more complex and sophisticated as technology progresses.
According to the National Institute of Information and Communications Technology , which monitors cyberattacks on Japan, the volume of data subject to cyberattacks increased from 25.6 billion packets in 2014 to 150.4 billion packets in 2017.
“Infrastructure in general is a very appealing target for attackers because that causes many disruptions,” Makela said in a discussion open to some media organizations in Brussels in June.
In 2017, Japan identified 13 sectors of critical infrastructure in the fourth edition of its cybersecurity policy, and called for an all-out effort by the public and private sectors to protect them. The sectors included aviation services, government and administrative services, medical services and credit card services.
There are many “entry points” to this infrastructure, according to Gregory Blanc, an associate professor at Telecom SudParis, as many smart objects are connected to the networks and are widely used.
Blanc gave a hypothetical example of QR codes on Olympic Games tickets being crafted to gain access to infrastructure when they are read into a system.
To tackle such threats, Japan has been acquiring knowledge on cybersecurity through cooperation with the European Union.
In January, Prime Minister Shinzo Abe visited Estonia — an EU member state and a global heavyweight in information communications technology — and agreed on bilateral cybersecurity cooperation.
Estonia was purportedly the first nation in the world to suffer a cyberattack in 2007 and has worked intensely on cybersecurity, leading to its hosting of the EU Agency for Large-scale IT Systems and the NATO Cooperative Cyber Defense Centre of Excellence.
A political document adopted by the Council of the European Union in May urges further cooperation, seeking to strengthen EU security engagement in and with Asia in key areas including cybersecurity.
“The policy document (from May) is a concrete step forward for possible collaboration between Japan and the EU,” a Japanese diplomat to the European Union said.
Niccolo Rinaldi, head of the unit for Asia, Australia and New Zealand in the European Parliament, suggested exchanges of best practices and information will be crucial.
With the experience of having hosted the Olympic Games and soccer World Cups, Rinaldi said, sharing knowledge on how to set up a democratically open but simultaneously protected media center could be a key countermeasure.
This would include exchange of information on potential troublemakers or “possible targets of spy actions,” Rinaldi said.
The private sectors in Japan and the European Union are also making collaborative efforts to develop their capabilities.
With financial support from the Horizon 2020 project, an EU research and innovation program, and the Japan Society for the Promotion of Science, universities and research institutes are sharing their knowledge through workshops.
It is estimated that the Japanese IT industry will lack about 190,000 experts on information security in 2020, according to research conducted by the Ministry of Economy, Trade and Industry in 2015.