2022년 동계 올림픽에 대한 위협

Editor’s Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

This report synthesizes findings from the Recorded Future® Platform and open-source intelligence (OSINT) sources to analyze the threat landscape ahead of the 2022 Beijing Winter Olympic Games. The threats analyzed include nation-state cyber operations, financially motivated and hacktivist cyber threats, influence operations, and geopolitical and physical security threats. This report will be of most interest to organizations affiliated with the Olympics organization, Olympic sponsors, or individuals intending to participate in or engage with the upcoming Winter Olympics.

Executive Summary

2022년 중국 베이징에서 동계 올림픽이 개최됨에 따라 올림픽이 직면한 사이버, 정보, 지정학적, 물리적 위협이 크게 변화하고 있습니다. 이 보고서는 국가가 후원하는 사이버 작전, 금전적 동기를 가진 핵티비스트 사이버 활동, 중국의 국가 후원 영향력 행사, 국제 지정학적 긴장, 시위를 포함한 물리적 보안 위협 등 2022년 동계올림픽이 직면한 모든 위협에 대해 분석합니다.  

Recorded Future concludes that Russia, Iran, and North Korea likely lack the motivation to launch disruptive cyberattacks against the 2022 Winter Olympics due to their close geopolitical relationships with China. Instead, Chinese, Russian, Iranian, and North Korean state-sponsored cyber operations are more likely to be conducted according to surveillance and cyber espionage intelligence requirements. We did not observe any notable dark web chatter or statements by ransomware groups expressing intent to target the 2022 Winter Olympics, though we did identify advertisements on dark web markets for the sale of account details related to the volunteer and media portals of the Games. Financially motivated threat actors will almost certainly opportunistically exploit the 2022 Beijing Winter Olympics, particularly with Olympic-themed phishing campaigns, to target a range of victims, including the Games themselves, associated organizations, and individuals attending or engaging with the event. Further, hacktivists will likely target the Games, including corporate sponsors, in response to China’s human rights abuses. Corporate sponsors are already receiving significant online criticism for being associated with the Games being hosted in Beijing.

Hosting the 2022 Winter Olympics is an opportunity for the Chinese government to broadcast the successes of China’s political and economic system. Accordingly, China’s influence operations to promote and support the Beijing Games are mainly positive and target both domestic and international audiences. These influence efforts are paired with a much more negative campaign to defend against criticism of China’s human rights abuses. The Chinese government is already conducting widespread domestic censorship of this criticism and is seeking to downplay and discredit the international diplomatic boycott effort. There have also been grassroots calls for physical protests at the Games, primarily in response to China’s human rights abuses. The most recent news, however, indicates that the public will no longer be able to attend the Games due to strict COVID-19 measures. Protests taking place in the weeks leading up to the Games will likely intensify as the Games begin.

주요 판단

• 레코디드 퓨처는 2022년 동계 올림픽, 관련 단체 또는 개인을 대상으로 하는 국가 후원 APT 활동에 대해 알지 못합니다. 마찬가지로, 다크 웹 포럼에서 랜섬웨어 그룹이나 행위자가 게임을 표적으로 삼겠다는 의사를 표명한 사례는 관찰되지 않았지만, 상당한 수익이 발생할 가능성이 있다는 점에서 게임은 랜섬웨어 그룹에게 매력적인 표적이 될 수 있습니다.
• 2022년 동계 올림픽을 겨냥한 러시아, 이란, 북한의 국가 지원 사이버 공격은 이들 국가가 개최국인 중국과 긴밀한 관계를 유지하고 있기 때문에 나타날 가능성은 낮습니다. 대신 2022년 동계 올림픽에서 중국, 러시아, 이란, 북한의 국가 후원 사이버 작전은 감시 및 사이버 첩보 정보 요구 사항에 의해 주도될 가능성이 높습니다.
• It is almost certain that financially motivated threat actors will opportunistically exploit the 2022 Winter Olympics, particularly with Olympic-themed phishing campaigns. We have already observed an Olympic-themed malware sample. Furthermore, hacktivists will likely target the Games, including corporate sponsors, in protest against the Chinese government’s human rights abuses.
• 중국 정부는 2022년 동계 올림픽을 홍보하고 국내외 비판을 방어하기 위해 전체 선전 시스템을 동원해 장기적이고 조직적인 영향력 캠페인을 벌이는 동시에 이러한 비판에 대한 광범위한 검열을 실시하고 있습니다.
• The 2022 Winter Olympics is being used to promote the digital yuan (e-CNY) by making it possible for foreign visitors to use the e-CNY at Olympic venues in Beijing without having a Chinese bank account, likely to build international credibility of China’s central bank digital currency as part of a larger effort to boost the international standing of the yuan.
• 중국 정부는 보이콧으로 인한 평판 하락을 완화하기 위해 2022년 동계올림픽을 보이콧하려는 국제적인 노력을 경시하고 신용을 떨어뜨리려고 노력했습니다. 올림픽에서 물리적 시위를 하자는 풀뿌리 요구가 있었고, 올림픽이 진행됨에 따라 중국과 전 세계에서 시위가 격화될 가능성이 높습니다.

Editor’s Note: This post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.