Olympics brace for old and new threats
PYEONGCHANG, SOUTH KOREA— Skyhigh tensions. Eye-in-the-sky vigilance.
A17-metre-long tactical surveillance blimp floating overhead, originally designed for military reconnaissance purposes. An AWACS plane sweeping for early warning radar signals higher above. Droneon-drone detection systems to blast away any suspicious incursion. Radio-jamming technology.
On the ground: More than 800 high resolution security cameras at all venues, face recognition software to help prevent conventional terrorist attacks, such as suicide bombings and hostage-taking. Five thousand police officers — twice the original plan and double the number deployed during the 2002 World Cup, which South Korea co-hosted with Japan. Tens of thousands of military troops. Snipers and self-driving cars, robots and humanoid bots.
At least 17 “foreigners” who could potentially pose a terrorism menace have been deported.
And yet the greatest threat to the XXIII Winter Games could be a stealth malware worm hiding from sight, invading a country’s technological intestines.
South Korea has been massively cyber-attacked before: A 2013 hack targeting banks and broadcasters that froze computer systems for more than a week; a digital ambush that exploited a word processing program widely used by its government and public institutions in 2015; the WannaCry strike last year (though that was global) that corrupted computers running Microsoft Windows operating systems by encrypting data and demanding ransom payments in Bitcoin cryptocurrency.
Experts believe all those cyber assaults originated within North Korea or agencies working for Pyongyang.
Just as Metrolinx, the Ontario transit agency, was in the crosshairs of a North Korean cyberattack in January, according to a spokesperson.
Just as North Korea was blamed by the U.S. — Pyongyang denies everything — for the 2014 attack against the Sony Pictures Entertainment network, allegedly provoked by the James Franco comedy film, The Interview, about a CIA attempt on the life of Kim Jong Un, supreme leader of the Hermit Kingdom.
North and South Korea — still technically at war because the Korean Peninsula conflict of the early 50s ended only with a wary ceasefire — are nuclear-armed neighbours, mutually paranoid despite talk of reconciliation, emanating mostly from Pyeongchang. The hatchet might be temporarily buried during the Olympics, with North Korea sending a team of athletes, officials and journalists — their presence the most practical shield, frankly, against malice from the North. But these Games are taking place against a background of unprecedented sabre-rattling between Pyongyang and Washington, with North Korea strutting its ballistic and nuclear capabilities, most recently in late November, which is when the Trump administration returned North Korea to the U.S. list of state sponsors of terror.
“Donald Trump’s tactless approach to diplomacy has inflamed the situation and significantly increased hostilities,” notes a security report prepared by the Unity Resources Group.
Washington did take one conciliatory step by delaying annual joint military exercises — code-named Key Resolute and Foal Eagle — until April. There are 38,000 American troops stationed in South Korea. Pyongyang had planned a military parade for the eve of the Games, Feb. 8, to mark the anniversary of the founding of their armed forces. Typical weaponry show-off.
To date, it’s all been heated rhetoric and vitriol, “Little Rocket Man” this and “mentally deranged dotard” that. But North Korean leader Jong Un is fundamentally unpredictable. So’s President Trump, for that matter.
Nobody is expecting the North to trigger a military provocation.
“The escalation has not resulted in any direct or discernible threat against the Winter Olympics,” says the Unity report, “and visitors are expected to attend the Games safely. In the event of a military confrontation, it seems plausible that Pyongyang would conduct a low-scale attack against the South Korean military to create a minor disruption and deter visitors.”
A piqued Pyongyang has taken aggressive actions against its southern neighbour in the past. After talks to quasi co-host the Seoul Summer Games in 1988 fell apart, a bomb was detonated on Korean Air Flight 858, killing all 104 passengers and 11 crew. One of the agents involved in the attack — just nine months before the Olympics — later told investigators the order had come from Kim Jong Il and one of the aims had been to frighten international athletes and international visits from attending the Games.
In June, 2002, as South Korea prepared to challenge Turkey for third place at the World Cup, North Korean patrol boats crossed the disputed maritime border, exchanging fire with South Korean vessels, killing six sailors.
Pyeongchang is only 80 kilometres from the narrow, heavily fortified demilitarized zone separating the two countries, which the Star visited Wednesday — bristling with barbed wire on the North side, soldiers drawing a bead on each other with field glasses, separated by a couple of kilometres at the eastern end of the demarcation line. It’s a stress both nations have learned to live with.
Perhaps the most powerful force dissuading Pyongyang from attempting any disruption of these Games would be the muscle-flexing disapproval of China, host of the next Winter Olympics in Beijing.
Yet there are so many other avenues to unsettle the Games, using covert malware tactics.
The Pyeongchang Olympics orga- nizing committee (POCOG) hired a private cybersecurity contractor to protect crucial infrastructure during the Games and the Paralympics in March, some 500 personnel given responsibility to operate X-ray screening devices at every site, the airport and the high-speed trains. POCOG earmarked $17.6 million (U.S.) for the screening security measures alone and total security costs have eaten up a large chunk of the $12.9-billion Games price-tag.
None of that high-tech security buffer prevented a spear phishing attack targeting Olympic organizations a month ago, spoofed messages pretending to come from South Korea’s National CounterTerrorism Centre, primarily aimed at icehockey@pyeongchang.2018, and intended, once opened, to execute commands on the victim’s computer, while installing additional malware.
It was a mischievous incursion, minimally disruptive. But just imagine the havoc that could be created with a full-on corruption of the digital technology utilized in scoring and judging and time-posts down to the hundredths of a second.
Never before have the Games been so intensely hardwired as the human eye and analogue measurements are discarded.
Many events rely totally on digital technology: Speed skaters will wear transponders around their ankles for accurate lap-timing, photofinishes captured at 10,000 frames per second. Bobsledding teams use sensors to measure speed and angular velocity instantaneously. Figure skating judges enter their scores into a computer system that calculates and correlates a variety of complicated data to arrive at a combined mark. Omega, official timekeeper of the Olympics, is introducing state-of-the-art technology in Pyeongchang — 230 tons of time- keeping machinery and equipment — to track every movement of athletes on the ice and snow: motion sensors attached to every athlete’s uniforms and equipment, devices on skaters’ boots, sleds, snowboards, skis.
Yet ingenious hackers always seem to be one step ahead, finding backdoor entries that puncture hypersophisticated safeguards.
Heck, an 18-year-old Grade 10 student managed to hack the Pentagon in 2016.
We know that attackers tried to hold NFL player data for ransom last year, that Russian hackers released sensitive health-care details about athletes heading to the Rio Games. To say nothing of the ability to manipulate doping results.
Betsy Cooper, director of the Center for Long-Term Cybersecurity at the University of CaliforniaBerkeley, wrote in a recent article that researchers, using a low-end digital camera, were able to zoom in on computer screens at three international sporting venues and read sensitive information. They were also able to capture passwords being entered into digital systems by officials.
So it doesn’t even have to be highend stealth.
But if some brilliant nerd puts his or her mind to it, the Games could be brought to an utter standstill if fishiness is suspected and results perceived as untrustworthy — thrusting everybody back to pencil and paper and hand-held stopwatches.
Beyond the cyberthreat, of course, are the more conventional ways to disrupt an Olympics with malevolent intent. At the Atlanta Games in 1996, all it took was a nails-andscrews bomb in a backpack at Centennial Olympic Park to cause the death of two people while injuring 111.
There is always the known and the unknown: terrorist threats against London in 2012, demonstrations against the anti-LGBT laws in Sochi, the Zika virus in Rio.
Olympic sponsors were given a preview of security measures last year. Some sports delegations will arrive with their own governmentprovided protection in place and emergency evacuation plans already drawn up.
The vast security apparatus for Pyeongchang began conducting mock drills in mid-January, which included a SWAT team shooting down a simulated bomb-carrying unmanned aerial vehicle hovering towards a bus full of athletes, and disabling a hijacker attempting to ram a vehicle into the Olympic Stadium. Officers in gas masks also simulated removing a chemical bomb.
All of the 18 games venues were put under lockdown as of Feb. 5. Rosie DiManno usually appears Monday, Wednesday, Friday and Saturday.