Posted on February 5, 2022 at 7:01 PM
As the 2022 Winter Olympics kicks off, the US Federal Bureau of Investigation (FBI) has warned that the organizing committee should be wary of the actions of cyber attackers. According to the agency, threat actors could use the opportunity to launch distributed denial of service (DDoS) attacks, phishing attacks, and ransomware attacks.
The information was contained in the Private Industry Notification (PIN) released by the FBI to warn organizations and entities associated with the 2022 Winter Olympics and Paralympics games.
According to the advisory, threat actors could be taking advantage of the current restrictions placed on spectators due to the COVID-19 pandemic.
Foreign spectators will be using much of streaming services and social media to watch the Olympics, which will attract bad actors to launch various forms of attacks on their systems, the report noted. The threat actors will be using various techniques to disrupt such online streaming services. They may try to plant malware in the networks of hotels or transit or other service providers that are connected to the event.
Additionally, the threat actors could use phishing methods or social engineering techniques to steal sensitive data. The FBI also warns that the bad actors can launch disinformation campaigns to deceive users and steal sensitive information from them.
These attacks could target both private and public infrastructure that support the Olympics, according to the report.
Participants Can Also Become Targets
The report also noted that travelers and participants in the Olympics may become targets of the malware and phishing campaign. As a result, they have been advised to be very careful about the mobile applications they use during the event. Travelers have been warned to stop using any mobile app that is not downloaded from a mobile source because those apps are more vulnerable to attacks.
Threat actors are likely going to infiltrate the app download page of untrusted websites. Some of the apps may contain malware which can be immediately delivered to the targeted devices once the user downloads the app, the FBI warns.
Cyber actors could use the opportunity to steal personal information or install malware, malicious code, or install tracking tools on the target’s device.
The Bureau also noted that the athletes should leave their phones at home and make use of temporary phones during their participation at the games. Other athletes from other countries have also been advised by the National Olympic Committee to leave their phones at home.
No Specific Threat Has Been Identified
The FBI said it has not discovered any specific threat targeting the Winter Olympics. But the alert was released to increase awareness of the high possibility of targets on both athletes and organizations.
Threat actors are always looking to take advantage of high-profile events to deceive victims and gain access to their systems and devices. Just like the recently concluded Beijing Olympics, cyber attackers will be looking to make money in the ongoing Winter Olympics. Apart from the obvious goal of making money, they have other motives, such as advancing their ideological goals, increasing their notoriety, discrediting adversaries, or planting confusion just for the fun they derive from it.
Threat actors could also target the apps required by the athletes in the event. Participants are expected to use the MY2022 mobile app to track their health and travel. Now, security researchers have warned that there are several security issues in the app. These flaws could give thereat actors the encouragement they need to try and exploit and compromise participants’ mobile phones.
Service Providers Have Been Advised To Stay Vigilant
The FBI has also informed service providers to continue with the security measures and stay vigilant during this period. They need to maintain their business continuity plans by using cybersecurity best practices, monitoring their network, and using secured VPN services. The providers should also apply the appropriate patches to deal with any potential threats.
The FBI has also advised that a new security regimen is needed to offer better protection to athletes and organizations during such events. The cyberattacks during the 2018 Winter Olympics in Pyeongchang led to the malfunctioning of the Internet Protocol televisions (IPTVs). Also, the film drones couldn’t be deployed. The attack also led to a Wi-Fi outage in the Olympic stadium as well as the shutdown of the main servers. This prevented the attendees and spectators from accessing their tickets.
The FBI is warning against a similar effect if attackers have their way. And this time, the attack can extend to spectators watching from home due to the COVID-19 restrictions. As a result, the FBI has warned stakeholders to beef up their security and apply the right protective measures to avoid being caught off-guard.