Similar recommendations have been made over the past weeks by Olympic committees and cybersecurity companies
The FBI issued a Private Industry Notification (PIN) on Monday, warning from a “broad range of cyber activities” that might disrupt the upcoming Beijing Winter Olympics and Paralympics. Additionally, the FBI is warning participants and visitors of potential threats associated with mobile applications developed by untrusted vendors.
“The download and use of applications, including those required to participate or stay in country, could increase the opportunity for cyber actors to steal personal information or install tracking tools, malicious code, or malware. The FBI urges all athletes to keep their personal cell phones at home and use a temporary phone while at the Games,” says the notification.
By advocating the use of burner phones, the FBI echoes similar recommendations made over the past few weeks by several Olympic committees – including the US, Canadian, British, Swiss, German, Swedish and Dutch – as well cybersecurity companies and national security institutions.
The Chinese MY2022 app, which is mandatory for all participants, is of special concern given not only China’s track record on cybersurveillance but also an encryption flaw that was recently discovered. The app collects and uses a great deal of sensitive personal data, ranging from travel arrangements to health status.
The FBI also warns of social engineering and phishing campaigns leading up to and during the games, especially considering the fact that they will be held largely without spectators (except a limited number from mainland China), and so gusts will be reliant on remote streaming services and social media.
Another major cybersecurity concern regards the digital Yuan, which will make its official debut on the market, as the currency of choice for the games.
The NTT Corporation, which provided telecom services for the Tokyo Olympic & Paralympic Games this past summer, revealed that there were more than 450 million attempted cyber-related incidents during the games. The most popular attack methods used were malware, email spoofing, phishing and the use of fake websites and streaming services designed to look like official Olympic service providers.
The Winter Olympics will take place between February 4th – 20th, and the Paralympics between March 4th and 13th.