News and HeadlinesNational NewsScripps News

Actions

Olympics might be a target for cyber espionage and surveillance

Experts say cyber espionage and surveillance is the biggest threat by the Chinese government at the games.
Computer keyboard
Posted

In recent years, the Olympic games have become a target for cyber espionage, surveillance and other financially-motivated attacks. 

The NTT Corporation, which provided network security for the Tokyo 2020 Olympics, said there were more than 450 million cyberattacks launched during the 16 days of competition.

That's 2.5 times more than the number of attacks on the 2012 London Olympics.

Beijing won’t be much different.

A report from cybersecurity analysis firm Recorded Future found ransomware groups may try to encrypt machines used at the games, in part because it could lead to a significant profit, given that teams or officials might need to pay ransom to regain access to those systems as soon as possible. 

But experts think the biggest threat is possible cyber espionage and surveillance of athletes and visitors by the Chinese government.

The United States, Team Great Britain, Australia, Germany and Netherlands all urged their athletes and visitors to leave their personal phones and laptops back at home out of fear that they will be monitored by the government at the games and thereafter. 

"China's national security laws create a really different environment for privacy than what people are used to when they're in other countries, where privacy legislation places significant constraints on the government's ability to collect and use data," Robert Potter, CEO and co-founder of Internet 2.0 said.

"The identifiers for your phone are automatically collected, so that information is gone the moment you hit a mobile phone tower in China."

Potter's cybersecurity company Internet 2.0 examined some of the software being provided by official sponsors to the game and found that the Virtual Private Network service offered to athletes, which lets users hide and protect their internet traffic from being accessed by third parties, collected a "significant amount of user data" beyond what was needed to run the app. 

Newsy's research showed the camera and photo libraries were required to be accessed by the app, and they just didn't seem to be a particularly good reason or justifiable reason to think that that was normal for a VPN application.  

A separate report from Citizen Lab found serious privacy issues with the MY2022 Olympics app, which is required to be used by all attendees at the Beijing games.

For example, it contained an encryption flaw that could expose passport details and medical information of users. 

Both the IOC and Beijing Olympic Committee have rejected claims that there are security concerns with the MY2022 Olympics App. 

Experts told Newsy the only sure-fire way that visitors to the Olympics can protect themselves is by using new devices and accounts only while inside China in order to protect their personal information, then throw the devices away after the games are over.

China is committed to having open and accessible internet available to athletes that are within the "COVID bubble," but there is a line between open internet access and unmonitored internet access — and China is making no guarantees around the latter. 

This story was first reported by Tyler Adkisson at Newsy.