Cybersecurity for Tokyo 2020

Transcription

1 Cybersecurity for Tokyo 2020 June 2017 Ko IKAI Counsellor National Center of Incident Readiness and Strategy for Cybersecurity Cabinet Secretariat Government of JAPAN

2 Upcoming Major Events Rugby World Cup 2019 September 20 to November 2, 2019 Games of the XXXII Olympiad July 24 to August 9, 2020 XVI Paralympic Games August 25 to September 5, 2020 Tokyo was selected to the host city of the XXXII Olympiad at the 125 th IOC Session in Buenos Aires on September 7, 2013 Copyright (c) 2017 National center of Incident readiness and Strategy for Cybersecurity (NISC). All Rights Reserved. 1

3 Rugby World Cup 2019 Location of the 12 stadia to host rugby matches at the 2019 From WikiPedia Copyright (c) 2017 National center of Incident readiness and Strategy for Cybersecurity (NISC). All Rights Reserved. 2

4 Tokyo 2020 Olympic/Paralympic Games From Olympic Committee Copyright (c) 2017 National center of Incident readiness and Strategy for Cybersecurity (NISC). All Rights Reserved. 3

5 Overview of Tokyo 2020 and its circumstances Asset owners ( prime responsibility holders) People(including audience and foreign tourists) Mission owners ( prime responsible coordinator) National government Critical Infrastructure Operators (Local/National) government Society Infrastructure / Public services Partners Suppliers Contractors (Local/National) government TOCOG / IOC Services / Supplies / Venues The Olympic/ Paralympic Games TOCOG

6 Essential Services vs. Critical Infrastructures Critical Infrastructures (identified in 3 rd Basic Policy for CIIP) Information & Communication Financial Aviation Railroad Electric power supply Gas supply Gov t & Admin services (incl. municipal gov ts) Medical Water Logistics Chemical Industries Credit Card Petroleum industries Essential Services (for operation of Olympic/ Paralympic Games) Telecommunication Broadcasting Financial Aviation Railway Electric power Gas Local Government Water System Logistics Credit Card Sewerage Airport Traffic Control (Air, Vessel, Road) Emergency Call (Police, Ambulance, Fire defense) Weather forecast CIQ Expressway (esp. Shuto expwy) Heat supply About 100 service providers (private companies, public companies, local governments, nat l government) Copyright (c) 2017 National center of Incident readiness and Strategy for Cybersecurity (NISC). All Rights Reserved. 5 5

7 Cybersecurity measures based on RA Estabishment of IR structure Cybersecurity Measures for Tokyo 2020 Olympic/Paralympic Games Government of Japan promotes cybersecurity measures of essential service providers for the Games based on risk assessment 東京都オリンピック パラリンピック競技大会推進本部セキュリティ幹事会の下に and discusses to establish Governmental Olympic/Paralympic NISCが事務局となりサイバーセキュリティワーキングチームを設置 これまでに会合を CSIRT as a core organization of information 7 回開催 sharing し 2020 年東京オリンピック パラリンピック競技大会の among stake holders. ( 以降 東京大会 という ) サイバーセキュリティの確保に資する具体的な施策について精力的に検討を推進 Summary of measures Promotion of cybersecurity measures based on risk assessment(ra) (for appropriate preparation) Establishment of incident response(ir) structure (for quick and precise responses against incidents) Establishment of guidance for self-ra to secure safe and continuous provision of services. Listing-up of essential service providers(esps) that can affect Games operation. Request for ESPs to conduct self-ra to promote their cybersecurity measures. ESPs conducted their self-ra during Oct.-Dec About 70 ESPs reported their result. NISC will request the 2nd self-ra during Aug-Oct Discussion Group for Cybersecurity Structure of Tokyo 2020 discussed details of information sharing and agreed the fundamental policy. Sent liaisons for G7 Ise-Shima Summit and Rio2016 Olympic/Paralympic Games as large-scale test events and conducted trial operation of the information sharing structure. Continuous discussion of building IT systems for more streamlined information sharing among stakeholders FY2015 FY2016 FY2017 FY2018 FY2019 FY2020 Listing-up of essential services coordination Drafting of RA procedure Continuous revision Continuous revision Risk assessment by chosen service providers (repeated assessment until Tokyo 2020) Cybersecurity measure based on RA Discussion of IR supports Discussion of cybersecurity structure Discussion of info-sharing Coordination among stakeholders Establishment of Olympic/Paralympic CSIRT Trial operation Operation in the Game time Trial operation of Info-sharing structure (preliminary exercises) Exercises and trainings G7 Summit Rio2016 today Pyeonchang2018 Rugby World Cup in Japan Tokyo2020 6

8 Cybersecurity Situations in Rio2016 Olympic/Paralympic Games In spite of a lot of cyber-attacks against related sites, there were NO incidents affecting Games operation. NISC s activities during Games time NISC sent two liaisons to Technical Operation Center(TOC) of Rio 2016 Organizing Committee of Olympic/Paralympic Games(ROCOG) HQ. They watched the actual situations with shadowing TOC s information security managers, and provided threat intelligence found by NISC and cybersecurity community of Japan. Rio2016 NISC liaison NISC (Intelligence integration) Inforsharing Inforsharing Cybersecurity Community in Japan Situations in Rio2016 A lot of cyber attacks, such as DDoS and web scan, against official and related websites were identified. Information of some websites was bleached. In official website/mobile app, 40 million cyber threats were identified, 23 million threats were blocked and 223 major DDoS attacks were mitigated, during Olympic Games. Targets moved from Games relates websites to surrounding websites such as federal/local government s ones. Most of identified attacks were noticed and announced in SNS and other media. Just after the opening ceremony, the peak of attacks came, but it didn t affect operations because of good preparation. <Transition of targets during Games time> Organizations related to the Games Rio2016 Official websites BOC/BPC websites <TOC, Rio2016 HQ> Federal/Local government Private companies that worked for the Games Rio2016 portal website of Federal Government The website of Federal Ministry of Sports Websites of Rio State/City government Websites of constructor of Games venue Lessons learned from Rio2016 and Brazilian government will be reflected in the cybersecurity preparations of Tokyo2020 7

9 Meetings Tokyo2020 Risk assessment for Tokyo 2020 Olympic/Paralympic Games Based on London2012 s practices, NISC promotes risk assessment for safe and continuous provision of essential services for Tokyo NISC requested service providers that can affect the Games operation to perform their self assessment. Abstract NISC provided the guideline to identify, analyze and assess security risks to promote risk management. Based on regulators cooperation, NISC identified essential service providers(esps) that can affect Games operation, and requested them to perform the assessment. Several assessments are planned until Expanding of service providers Brushing-up of the procedure and risk scenarios Current state <Risk Assessment #1> ESPs in Tokyo 23 wards performed RA #1. Reports from about 70 ESPs Many ESPs conducted the self-ra in cross-sectional manner under their management. Meetings for explanation and experience sharing Supports from the expert of London2012 <Future plan> Preparation and improvement for RA #2 Revision of the guideline Expansion of ESPs Geographical and sectorial Clarifying the required service level for the Games by close cooperation with TOCOG Continuous discussion with ESPs Cooperation with measures for physical security #1 #2 #3 #4~ FY2016 3Q Tokyo 23 wards 内容 FY2017 2Q Tokyo capital area FY2018 1Q Tokyo and local cities General explanation meeting Meetings with ESPs Fy2018 Q4 Tokyo and local cities Fy2016 FY2017 FY2018 FY2019 FY2020 #1 #2 #3 #4 #5 #6 Measures #1 Measures #2 Risk assessment schedule for Tokyo2020 Schedule of Risk Assessment #1 FY2016 1Q 2Q 3Q 4Q Selection of service providers (NISC, regulating authorities) Drafting of risk assessment procedure (NISC) Risk Assessment (service providers) Risk handlings (service providers) Result report and Preparation of #2(NISC) Sector Based meeting 8

10 Cybersecurity Stakeholders of Tokyo 2020 Games (TBR) CIE Regulators Critical Infrastructure Entities(CIE) Partners Suppliers Tokyo Metropolitan Government CSIRT Cybersecurity Community NISC Governmental Olympic/Paralympic CSIRT Tokyo Organizing Committee for Olympic/Paralympic Games CIRT2020 National government TOCOG Local government Private entities Organizations To be established Security Intelligence Center Law Enforcement Agencies Intelligence Agencies 9

11 Challenges Collaboration with physical security measures/organizations Combined discussion bodies Facilitating the streamlined information sharing among domestic/foreign stakeholders Modernized info-sharing systems Establishment of face-to-face trusty relationship Securing appropriate human resources for preparation and incident response during the Games time Trainings and exercises 10

12 Thank you for your patience Ko IKAI 11