Japan on Olympic hacking mission to test utilities, trains, telcos

Japan will from next year conduct mock hacking exercises with governments including the United States and private sector organisations ahead of the 2020 Olympic games.

The effort will be run out of a new penetration testing arm to be created in 2017 charged with identifying vulnerabilities in physical control systems that could lead to real-world damage during the Games.

It will include critical infrastructure operators including power, gas, and chemical utilities. Telcos and transport are almost universally included in security analysis of critical infrastructure.

Governments around the world have in recent years created departments charged with bringing together critical infrastructure operators including those running utilities, banks, and transport.

In Australia that effort is part of the Trusted Information Sharing Network and the overhauled Australian Cyber Security Centre.

Japan's unit, for now called the Industrial Cybersecurity Promotion Agency, will be staffed with security wonks and seated within the Economy, Trade and Industry Ministry.

One wing of the unit will train and hire penetration testers hackers and develop attack mitigation systems, according to Yomiuri Shimbun.

Unnamed sources told the paper techies at high-profile organisations could be forced to undertake mandatory security training to protect critical data.

Mock attacks will run out of the unit's secondary research wing in conjunction with universities and foreign governments including the US Department of Homeland Security.

The US department has long run the biennial Cyber Storm hacking exercise between government agencies, major private sector organisations, and allied nations.

Australia and the UK have participated in previous Cyber Storm hacking games in 2010 and 2008. ®