FBI Warns of Winter Olympics Cyber Threats

Written by Edward Gately
February 2, 2022

In other cybersecurity news …

The FBI is warning entities associated with this month’s Beijing Winter Olympics and March 2022 Paralympics that cyber actors could use a broad range of cyber activities to disrupt these events.

These activities include distributed denial of service (DDoS) attacks, ransomware, malware, social engineering, data theft or leaks, phishing campaigns, disinformation campaigns or insider threats. And when successful, these attacks can block or disrupt the live broadcast of the event, steal or leak sensitive data, or impact public or private digital infrastructure supporting the Olympics.

Additionally, the FBI warns Olympic participants and travelers of potential threats associated with mobile applications developed by untrusted vendors. The download and use of applications, including those required to participate or stay in the country, could increase the opportunity for cyber actors to steal personal information or install tracking tools, malicious code or malware.

Large, high-profile events provide an opportunity for criminal and nation-state cyber actors to make money, sow confusion, increase their notoriety, discredit adversaries and advance ideological goals. Due to the ongoing COVID-19 pandemic, no foreign spectators will be allowed to attend the Olympics or Paralympics. Spectators will be relying on remote streaming services and social media throughout the duration of the games. Adversaries could use social engineering and phishing campaigns leading up to and during the event to implant malware to disrupt networks broadcasting the event.

Chris Clements is vice president of solutions architecture at Cerberus Sentinel.

“For those people traveling to the Olympic games, it’s important to understand both the invasiveness and capabilities of border security agencies screening entry with regards to cybersecurity when traveling,” he said. “As a rule, it’s important to assume all bets are off as to the security of any device traveling with you, the privacy of the data within, or to any accounts linked to that device including social media. It’s also crucial to understand that this situation applies to almost any foreign country traveled to. Border control agencies often have broad authority to inspect or completely clone devices, compel the traveler to unlock, or even share passwords for online accounts. For this reason, it’s often recommended that travelers concerned with this possibility carry disposable devices for use while traveling that can be disposed of before leaving.”

Attacks specific to interest in the Olympics such as pirated video streaming sites or fake news headlines are common ways for cybercriminals to distribute ransomware or other malware for any event that garners wide interest, Clements said. Organizations should be on guard for any potential suspicious activities by closely monitoring end points for indicators of compromise and enact general cybersecurity best practices such as multifactor authentication (MFA) and patching.”

Tags:

Edward Gately

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.