IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

FBI urges Olympic athletes to leave personal devices at home due to cyber risk

The organisation has warned that threat actors could use a broad range of cyber activities, including DDoS or ransomware attacks, to disrupt the event

The FBI has urged all athletes to keep their personal smartphones at home and instead use a temporary phone while at the Olympic Games.

The organisation published a notice in which it warns entities associated with the February 2022 Beijing Winter Olympics and March 2022 Paralympics that cyber actors could use a broad range of cyber activities, including DDoS or ransomware attacks, to disrupt the events.

Additionally, the FBI warned Olympic participants and travellers of potential threats associated with mobile applications developed by untrusted vendors.

“The download and use of applications, including those required to participate or stay in the country, could increase the opportunity for cyber actors to steal personal information or install tracking tools, malicious code, or malware,” said the FBI.

The organisation recommends all athletes to use a temporary phone, highlighting that the National Olympic Committees in some Western countries are also advising athletes to leave personal devices at home due to cyber security concerns at the Games. 

However, it added that it isn’t aware of any specific cyber threat against the Olympics, but encourages partners to remain vigilant and maintain best practices in their network and digital environments.

It pointed to the 2020 Tokyo Olympics and Paralympics, where there were over 450 million attempted cyber-related incidents during the event, although none were successful due to the cyber security measures in place, according to the NTT Corporation which was in charge of IT security. The most popular attack methods used were malware, email spoofing, phishing, and the use of fake websites and streaming services designed to look like official Olympic service providers.

The FBI added that the use of new digital infrastructure and mobile applications, like digital wallets or applications that track COVID testing or vaccination status, could also increase the opportunity for cyber actors to inflict damage. This could allow them to steal personal information or install tracking tools, malicious code, or malware. The FBI underlined that athletes will be required to use the MY2022 smartphone app to track their health and travel data.

Related Resource

The best defence against ransomware

How ransomware is evolving and how to defend against it

Blue padlock Free download

The MY2022 app was analysed by Citizen Lab researchers who said they had found it contained a “devastating” encryption flaw, which it said allowed users’ audio and file transfer encryption to be sidestepped. The researchers also said it fails to validate SSL certificates and can be deceived into connecting to a malicious host.

There also appears to have been some misinformation surrounding the privacy of the Chinese app, with one researcher, Jonathan Scott, claiming that athletes’ audio is being collected, analysed, and saved on servers belonging to a Chinese AI firm with human rights concerns called iFlytek. This claim has been shared by US senators and a prominent podcaster on Twitter.

However, members of the infosec community have said the researcher’s claim is unsubstantiated by any of the evidence provided, even though it has already been shared widely.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

India to roll out 6G by end of decade
Network & Internet

India to roll out 6G by end of decade

18 May 2022
Data centres that switch from HDDs to SSDs use 70% less power
data centres

Data centres that switch from HDDs to SSDs use 70% less power

16 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022
Australia pledges $5 million to create tech skills passport
Careers & training

Australia pledges $5 million to create tech skills passport

11 May 2022

Most Popular

Open source packages with millions of installs hacked to harvest AWS credentials
hacking

Open source packages with millions of installs hacked to harvest AWS credentials

24 May 2022
Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
Nvidia pauses hiring to help cope with inflation
Careers & training

Nvidia pauses hiring to help cope with inflation

23 May 2022