Jan 18, 2022

Hacking backdoor? Security flaws in China’s mandatory Olympics app | DW News

Posted by in categories: biotech/medical, cybercrime/malcode, encryption, health, mobile phones, surveillance

Athletes headed to the Beijing Olympic Winter Games are making final travel preparations, including keeping in line with China’s health measures on the “My 2022″ smartphone app. However, inadequate encryption measures within the app can leave Olympians, journalists and sports officials vulnerable to hackers, privacy breaches, and surveillance, according to a cybersecurity report by the Citizen Lab obtained exclusively by DW. Additionally, the IT forensic specialists found that the app includes a censorship keyword list. The findings come as international concern over digital safety at the Games mounts. Germany, Australia, UK and US have urged their athletes and National Olympic Committees to leave their personal phones and laptops behind and to travel with special devices over fears of digital espionage. The Dutch Olympic Committee outright banned its athletes from bringing personal phones and laptops due to surveillance concerns.

In the Olympic Playbook for athletes and team officials, the International Olympic Committee states that the “My 2022″ app is “in accordance with international standards and Chinese law.” But based on its findings, Citizen Lab concludes that the insecure transmission of personal information “may constitute a direct violation of China’s privacy laws.” This is because China’s data protection laws require that a person’s health and medical records held digitally be transmitted and stored in an encrypted manner. Citizen Lab’s findings also raise questions concerning two Western tech giants that carry the “My 2022″ app: Apple and Google. “Both Apple’s and Google’s policies forbid apps to transmit sensitive data without proper encryption, so Apple and Google will need to determine whether the app’s unresolved vulnerabilities warrant delisting,” Citizen Lab’s Knockel told DW. The Beijing Organizing Committee has stood by its app, however, saying it “passed the examination” of international mobile application markets such as Google, Apple and Samsung.“We have taken measures such as personal information encryption in the app to ensure privacy security,” the committee said Monday to Xinhua News Agency.

The Winter Games, which kicks off on February 4, marks the second Olympic Games during the COVID-19 pandemic. Just as at the Tokyo Summer Games, tracking athletes’ health is required. According to the official Playbook of the International Olympic Committee (IOC), athletes, coaches, reporters and sports officials, as well as thousands of local staff, are required to put their information into either the “My 2022″ smartphone app or website. The app, which was developed in China, is designed to monitor the health of all attendees and staff as well as trace possible COVID-19 infections. Passport data and flight information must be entered into the app. Sensitive medical information related to possible COVID-19 symptoms are also required, such as whether a person had a fever, fatigue, headaches, a dry cough, diarrhea or a sore throat. Those coming from abroad must start entering health data 14 days before arriving in the country. Many countries use a contact tracing app to help combat the pandemic. But “My 2022″ combines contact tracing with other services: It regulates access to events, acts as a visitor’s guide with information on sporting venues and tourist services, as well as providing chat functions (text and audio), news feeds and file transfers.


For more news go to:
Follow DW on social media:
Für Videos in deutscher Sprache besuchen Sie:
#Beijing2022 #WinterOlympics #China

Comments are closed.