At a glance.
- Privacy on the toboggan.
- A Facebook phishing scam.
- Finnish diplomats afflicted by Pegasus.
Privacy concerns for bobsled team (not to mention luge, skeleton, etc.).
As the start of the Beijing Winter Olympics approaches, privacy experts worry that the Chinese government might violate the digital freedoms of the athletes, journalists, and other visitors traveling to the games. Human rights organization Amnesty International has posted an open letter on its website asking the International Olympic Committee to “insist that the Chinese government keeps its promise to guarantee media freedom, including unrestricted internet access for Chinese and international journalists.” Gwen Lee, Amnesty International’s China Campaigner, told The Daily Swig: “They should also ensure that there are genuine opportunities for peaceful demonstration during the Olympics and that there is no punishment for doing so.” International nonprofit Reporters Without Borders is also advising journalists to protect themselves from surveillance by using end-to-end encrypted chat services such as Signal or Threema instead of Chinese-owned communication apps like WeChat, Baidu, or TikTok. Olympic athletes have been offered special personal mobile devices that allow them to bypass what’s known as China’s “Great Firewall,” and they’re also required to download the official MY2022 Olympics app, but Recorded Future warned last week that both the devices and the app could allow for surveillance, especially given that two MY2022 security vulnerabilities were already discovered.
Finnish officials warn about Facebook phishing scam.
Finland's National Cyber Security Centre (NCSC-FI) has released an alert warning of a Facebook phishing campaign in which the attackers impersonate victims' friends on Facebook Messenger and then ask the target to send them their phone number and a verification number delivered via SMS. Bleeping Computer explains, once they receive the info, the attackers lock the victim out of their account by changing the password and associated email address, and they’ll then use the hijacked account to scam additional victims. "The best way to protect yourself from this scam is to be wary of Facebook messages from all senders, including people you know," the NCSC-FI warns.
Finnish diplomats snooped on by Pegasus.
In more news from the North, Finland’s Ministry of Foreign Affairs alleges that NSO Group’s controversial Pegasus spyware, making headlines for its abuse across the globe, was found on the devices of Finnish foreign diplomats this fall. Though the Android and Apple phones hacked stored only information classified at “level 4,” the government’s lowest level of classification, officials warned that even unclassified intel could be considered confidential. The source of the surveillance has not been identified and an investigation is underway. When asked for a response, NSO told the Record by Recorded Future, “NSO Group does not know the facts, but can assure that we will be assisting in any investigation on this issue to determine whether a misuse of our products occurred. If and when a misuse by one of our customers would be found, we will take immediate action, including terminating the customer’s system and contract.”