Cyberattacks on Winter Asian Games systems traced to US, report says

The event information systems for the 2025 Winter Asian Games in Harbin were subjected to 270,167 cyberattacks from abroad between Jan 26 and Feb 14, with the United States accounting for the most, according to a report released Thursday.

China's National Computer Virus Emergency Response Center said in the report that cybersecurity monitoring and analysis covered the Games' information systems and key infrastructure in Heilongjiang province during the event.

The 9th Asian Winter Games took place from Feb 7 to Feb 14 in Harbin, capital of Northeast China's Heilongjiang province. While the event drew widespread attention both domestically and internationally, it also became a target for cyberattacks, the report said.

The number of attacks fluctuated, with a notable increase from Feb 7 to Feb 13, peaking on Feb 8, according to the report.

The United States accounted for the largest share, with 170,864 attacks, or 63.24 percent of the total. Following the US, Singapore accounted for 40,449 attacks, or 14.97 percent, followed by the Netherlands (12,414 attacks, 4.95 percent), Germany (6,682 attacks, 2.47 percent), and South Korea (1,281 attacks, 0.47 percent).

The attacks targeted multiple event information systems, with the most frequent attempts directed at the event information release system, the entry and exit management system, and the payment card system, the report said.

Authorities blocked 12,602 high-risk malicious IP addresses during the Games. These IP addresses were involved in scanning the systems for vulnerabilities and attempting to steal data or damage the systems. Most of these attacks originated from foreign Digital Ocean cloud service hosts, the report said.

The report also identified cyberattacks targeting key information infrastructure in Heilongjiang province. From Jan 31 to Feb 14, the Netherlands accounted for the largest number of attacks, with 37.98 million, followed by the US with 11.79 million and Thailand with 720,000. Australia, the United Kingdom, Germany, Lithuania, Canada, Japan, and Singapore ranked fourth through tenth.

"Thanks to the concerted efforts of the event's cybersecurity protection team, these attacks did not cause significant damage, but they underscore the severe and ongoing threat of cyberattacks against our country," the report said.

The report condemned cyberattacks targeting major international events and said details had been submitted to public security authorities.