The Federal Bureau of Investigation has warned of massive cyberattacks during the upcoming Winter Olympics in Beijing. The agency encourages athletes and other participants to leave their smartphones and other smart gadgets at home and use temporary devices instead to protect themselves from potential cyber threats and data theft. National Olympic Committees in some countries are also advising their athletes not to use personal smartphones at the upcoming Olympics due to cybersecurity concerns.
“The FBI urges all athletes to keep their personal smartphones at home and use a temporary phone while at the Games. The National Olympic Committees in some Western countries are also advising their athletes to leave personal devices at home or use temporary phones due to cybersecurity concerns at the Games. The FBI to date is not aware of any specific cyber threat against the Olympics; but encourages partners to remain vigilant and maintain best practices in their network and digital environments.”
The warning seems warranted given that the Tokyo 2020 Olympics have been bombarded with cyber incidents. The FBI notes that NTT Corporation, the official service provider for the event; recorded more than 450 million attempts to breach cybersecurity, but none of them were successful.
FBI advises athletes to ditch personal smartphones at 2022 Olympics
According to the agency, the most popular attack methods included malware distribution; email spoofing, phishing, misinformation, fake websites and streaming services. However, mobile apps and digital wallets that track COVID-19 vaccination status; can also allow cybercriminals to steal personal information or install tracking tools, malicious code or software.
NTT officials told ZDNet in October that the company’s fight for cybersecurity during the Tokyo Olympics was similar to Harry Potter’s final battle with Voldemort, calling the effort to protect the event “herculean”.
“Cybercriminals certainly saw the Games — and its related supply chain — as a high-value target with low downtime tolerance. After all, crime follows opportunity. And with connected stadiums, fan engagement platforms and complete digital replicas of sporting venues; and the events themselves becoming the norm, there’s plenty of IT infrastructure and data to target — and via a multitude of components,”.
According to Citizen Lab, passport details, demographic information, and medical/travel history in health customs forms are also allegedly vulnerable. Server responses can reportedly be spoofed, allowing an attacker to display fake instructions to users, according to the report. The MY2022 app also allegedly allows users to report “politically sensitive” content; and includes a censorship keyword list involving topics like Xinjiang and Tibet.