The Beijing Winter Olympics officially start Friday, although preliminary events have already happened. In addition to the normal concerns about security and logistics, this year’s Games come with tight COVID-19 protocols and, according to cybersecurity experts, additional risks for attacks on the technology people are using.
I spoke with Jennifer Pak, Marketplace’s China correspondent, about how the government is preparing for security threats. She said contractors hired to manage the threats have identified some particularly high-risk targets. The following is an edited transcript of our conversation.
Jennifer Pak: A Chinese firm who is the cybersecurity sponsor for the Winter Olympic Games have identified things like screens at stadiums or video assistant referee[s] or Olympic-related websites as potential targets. The results of games could be manipulated, even questioned.
Kimberly Adams: How is the Chinese government preparing for any potential attacks like that at the 2022 Beijing Olympics?
Pak: So Beijing officials have recruited telecom firms, local banks, to step up their data safety management. And Chinese authorities are also offering athletes antivirus software, even new SIM cards.
Adams: These games are being held in China, which has built quite the reputation as a surveillance state. What are the cybersecurity concerns for international teams competing this year?
Pak: They’re not just on the lookout for international hackers, but also surveillance from Chinese authorities. During the Olympics, the athletes, coaches, anyone coming here for the Games must download an app called My2022 to declare their health status. But now, a cybersecurity watchdog in Toronto called Citizen Lab has identified encryption flaws. That could mean hackers could intercept a lot of this user data from say, a Wi-Fi point. And on top of that, there’s also a feature they discovered which allows users to report “politically sensitive content,” such as the Uyghur population in Xinjiang, where the U.S. and other Western governments have accused China of committing human rights violations. The group says that this censorship feature has not been turned on. But there’s just a lot of things that are unclear. And also, in regards to the other encryption flaws, we’re not clear whether that was put there on purpose or if it was simply negligence.
Adams: So what kinds of policies have they put in place to address the concerns about the app?
Pak: Really, the advice for athletes and Olympic officials is what foreign diplomats have been practicing all along, which is if you’re concerned about cybersecurity and your personal data, then leave your personal phones and laptops back in your home country and bring burner phones or other devices that you’re happy to leave behind.
Adams: How is the pandemic affecting this entire operation of data gathering and monitoring of all these athletes coming in?
Pak: It just means that there’s so much more data to collect. I recently returned to China, and I had to fill out on multiple forms, on multiple apps, not just my passport details and flight details, but also my vaccination status, my address in Shanghai, my blood tests, my temperature checks every day. And these are details I’m sure athletes and Olympic officials have to fill out before they come to China and also during their stay. So there’s just no shortage of data that could be exploited.
Adams: Can you lay out the stakes in that case? Like why do these cybersecurity concerns matter?
Pak: Well, on a personal level, it’s about privacy, isn’t it? We’re talking about very high-profile athletes and coaches and people attending. But on a bigger scale, it’s very important for China’s leadership, who are very keen to project this flawless image of carrying out this Game, not only to its own people but also to the rest of the world. And that means preventing cyberattacks. That’s all part of it.
Related links: More insight from Kimberly Adams
For more on the logistical challenges of the Olympics, The New York Times has a story going through the many, many steps and procedures athletes are navigating to make it to the Games.
Business Insider also has a story rounding up the many warnings American Olympians are getting about cybersecurity risks in Beijing, including one from the FBI that cautions athletes about ransomware, malware, data theft and misinformation campaigns.
Like Pak mentioned, the agency urged athletes to leave “their personal cell phone at home and use a temporary phone while attending the events.”