Olympics Might Be A Target For Cyber Espionage And Surveillance

Experts say cyber espionage and surveillance of athletes and visitors is the biggest threat by the Chinese government at the Games.

Olympics Might Be A Target For Cyber Espionage And Surveillance
Matt Slocum / AP

In recent years, the Olympic Games have become a target for cyber espionage, surveillance and other financially motivated attacks. 

The NTT Corporation, which provided network security for the 2020 Tokyo Olympics, said there were more than 450 million cyberattacks launched during the 16 days of competition. That's 2.5 times more than the number of attacks on the 2012 London Olympics.

Beijing won’t be much different. A report from cybersecurity analysis firm Recorded Future found ransomware groups may try to encrypt machines used at the Games, in part because it could lead to a significant profit, given that teams or officials might need to pay ransom to regain access to those systems as soon as possible. 

But experts think the biggest threat is possible cyber espionage and surveillance of athletes and visitors by the Chinese government.

The United States, Team Great Britain, Australia, Germany and Netherlands all urged their athletes and visitors to leave their personal phones and laptops back at home out of fear that they will be monitored by the government at the Games and thereafter. 

"China's national security laws create a really different environment for privacy than what people are used to when they're in other countries, where privacy legislation places significant constraints on the government's ability to collect and use data," Robert Potter, CEO and co-founder of Internet 2.0 said. "The identifiers for your phone are automatically collected, so that information is gone the moment you hit a mobile phone tower in China."

Potter's cybersecurity company examined some of the software being provided by official sponsors to the Games and found that the Virtual Private Network service offered to athletes, which lets users hide and protect their internet traffic from being accessed by third parties, collected a "significant amount of user data" beyond what was needed to run the app. 

Newsy's research showed the camera and photo libraries were required to be accessed by the app, and they just didn't seem to be a particularly good reason or justifiable reason to think that that was normal for a VPN application.  

A separate report from Citizen Lab found serious privacy issues with the MY2022 Olympics app, which is required to be used by all attendees at the Beijing Games. For example, it contained an encryption flaw that could expose passport details and medical information of users. 

Both the IOC and Beijing Olympic Committee have rejected claims that there are security concerns with the MY2022 Olympics App. 

Experts told Newsy the only surefire way that visitors to the Olympics can protect themselves is by using new devices and accounts only while inside China in order to protect their personal information, then throw the devices away after the Games are over.

China is committed to having open and accessible internet available to athletes that are within the "COVID bubble," but there is a line between open internet access and unmonitored internet access — and China is making no guarantees around the latter.