FBI warns that the 2022 Beijing Winter Olympics are a great target for cyberattacks and advises participating athletes to use disposable smartphones



Curling and luge qualifications have already begun, and the opening ceremony will be held on February 4, 2022. Because of admission restrictions for foreign spectators, the 2022 Beijing Winter Olympics and Paralympics will be broadcast using streaming services and social media. The FBI warns that, since more people will follow the results this way, the Games will be an attractive target for cyber actors launching cyberattacks.

In particular, athletes participating in the Games are obliged to use the official app to check their health condition and travel status, and it is highly likely that they will be targeted by cyber actors, so the FBI recommends that they use a disposable device during the Games instead of their own smartphones.

Potential for Malicious Cyber Activities to Disrupt the 2022 Beijing Winter Olympics and Paralympics
(PDF file)

https://www.ic3.gov/Media/News/2022/220131.pdf



FBI Releases PIN on Potential Cyber Activities During the 2022 Beijing Winter Olympics and Paralympics | CISA

https://www.cisa.gov/uscert/ncas/current-activity/2022/02/01/fbi-releases-pin-potential-cyber-activities-during-2022-beijing

Large, high-profile competitions, such as the Olympics and Paralympics, are great targets for cyberattacks. At the 2018 Pyeongchang Winter Olympics, Russian cyber actors launched a devastating cyberattack aimed at the opening ceremony through spear phishing and malicious attack apps.

NTT, which provided the infrastructure, revealed that there were many attempted cyberattacks during the 2021 Tokyo Olympics and Paralympics. Although there were no large-scale attacks, the total number of attacks was more than 450 million, including malware, email spoofing (source spoofing), phishing, and fake websites and streaming sites disguised as official services.

In the case of the 2022 Beijing Winter Olympics and Paralympics, admission tickets were sold only to people living in China as a pandemic countermeasure, so many people are expected to use streaming services and social media to watch the Games and follow the results. There is a risk that cyber actors will deploy malware targeting this broadcast network.

In addition, the FBI is concerned that cyber actors may try to stop services during the Games with ransomware, DDoS attacks and similar activity against ISPs and TV stations, and is also concerned about attacks targeting networks that support the Olympics, such as infrastructure for hotels, public transportation, ticket services, and event security.

In particular, athletes are obliged to install an app called 'MY2022' to track their health status and travel data, and other apps needed for participating in and staying at the Games are expected to appear, but the FBI warns of 'potential threats to mobile apps developed by unreliable vendors'. Because downloading and installing such apps carries a risk that personal information will be stolen or that tracking tools, malicious code, and malware will be installed, the FBI is calling on athletes to leave the smartphone they normally use at home and use a disposable device during the Games.

In addition, researchers have pointed out that 'MY2022' 'is designed to acquire various data including voice data and send it to a server in China.'

Researchers point out that the official Beijing Olympics app collects athletes' voice data, etc. --GIGAZINE



The 2022 Beijing Winter Olympics will be held until February 20, 2022, and the 2022 Beijing Winter Paralympics will be held from March 4th to 13th, 2022.

in Security, Posted by logc_nt