A perfect storm of cybersecurity threats is swirling around the Tokyo Olympics with fans including Australian audiences, sponsors, broadcasters and the Games themselves potentially at risk.
Experts say recent research has identified ransomware attacks as a real threat to the complex supply chains that are in place to deliver one of the world's biggest sporting events.
They say the potential for disruption to the Games themselves, including the global broadcast and security services, is "very significant".
And the wider threats have only been exacerbated by the COVID-19 pandemic, which has forced almost all public interaction with the event online.
"There's many reasons why you could see the Games get called to a halt," cybersecurity expert Garrett O'Hara told AAP.
"You would hope that would be temporary."
Mr O'Hara is the Chief Field Technologist for cybersecurity company Mimecast, which recently tasked a team in Britain to conduct an analysis of the cyber threats to the Games.
He said the team conducted a deep dive into various scenarios to consider what might be the most likely threat and what posed the greatest risk.
Worryingly, in this case, their findings determined they were one and the same - the potential for a major ransomware attack.
Ransomware attacks, which are becoming more sophisticated and much more prevalent, involve the demand for a "ransom" to secure the release of locked down or encrypted data.
Mimecast's own State of Email Security Report found the number of companies experiencing ransomware attacks in Australia had jumped to 64 per cent this year, up from 48 per cent in 2020.
Of those, about half paid the ransom.
Olympics fans in Australia could also become targets as they seek to engage with the Games or companies involved in the events, by being targeted with spoof emails or lured to fake websites.
The flow-on effects could also present major problems for Australian businesses with many more people now using work devices, accounts or equipment from home, the same equipment they may use to interact with the Games.
"Because of COVID, unfortunately, what you're seeing is this almost perfect storm," Mr O'Hara said.
"In the environment where so many people are working from home and the personal and the business has completely bled into each other.
"Most people are doing online shopping, they're watching Netflix, they will watch the Olympics and they will click on links for personal emails on their work machines.
"Then what you're relying on is good endpoint security that will protect those end-users from something that's bigger."
In the worst-case scenario, an attacker could gain access to organisations at a higher level by tracking passwords or stealing credentials.
"COVID has just changed so many things, and the thinking about cybersecurity and resilience has just changed so dramatically because of the work-from-home popularity," Mr O'Hara said.
Mimecast country manager Nick Lennon said given the nature of the Tokyo Olympics, with even fans in Japan unable to attend, "nearly every device around the world is going to be connected back into the Games".
"The attack opportunity for a very well-crafted campaign has incredible reach. Reach we've not seen before," he said.
But notwithstanding the risks, Mr O'Hara said he was sure Games' organisers had invested heavily to ensure the cybersecurity of the two-week sports festival.
"I would bet there is a very large amount of money being spent on cybersecurity and making sure as much as possible they are secure," he said.
"The challenge they will face though is the complex supply chain. It's not just the Olympics, that's a problem in cybersecurity in general."
Australian Associated Press
Sign up for our newsletter to stay up to date.