To much amusement, the biggest gripe so far at the Winter Olympics has been the not-ready-for-prime-time plumbing, exemplified by a photo of deeply hued tap water, tweeted by Chicago Tribune reporter Stacy St. Clair.
But as is often the case, the bigger threat to visitors may be the one they can’t see. As athletes, journalists, and spectators arrive in Sochi, their every electonic move is being watched. All information transmitted in the country via phone and Internet, including text messages and e-mails, is flowing through the Russian System for Operational-Investigative Activities, according to the U.S. State Department’s Overseas Security Advisory Council. The council is warning American travelers that the system, known as SORM, has had an upgrade in Sochi just in time for the games, allowing the Federal Security Service (formerly known as the KGB) enhanced access to communications.
“The system in Sochi is capable of capturing telephone (including mobile phone) communications; intercepting Internet (including wireless/WiFi) traffic; and collecting and storing all user information and data (including actual recordings and locations),” the U.S. council, which operates as a joint venture with the private sector, wrote in an assessment for its members ahead of the Olympics. “Deep packet inspection will allow Russian authorities to track users by filtering data for the use of particular words or phrases mentioned in emails, web chats, and on social media.” Of course, the terrorist threat at the Olympics is a real one, and the Russian system is authorized under local law, the report says.
The international gathering presents a cyber-minefield of threats from nation-state entities, in which “visitors to Sochi may also experience other types of surveillance and should have no expectation of privacy.” Hotel rooms and cars are among the locations that “may be monitored on site or remotely.” And forget about taking any swag that could interface with your electronics. ”Free or gifted computer storage media, such as USB thumb drives or CDs/DVDs, may also contain malware,” the report says.
The OSAC assessment, a copy of which Bloomberg Businessweek located on the website of a separate group, is dated Dec. 16, 2013, and labeled “for internal U.S. private sector security purposes only.” An article in the Fall 2013 issue of World Policy Journal cited a similar report, which it said was dated March of that year.
The warning reflects a quickly changing world, in which the public’s adoption of new technologies has led to new ways in which people can be watched. To protect themselves, travelers should avoid public or wireless data networks, bring devices cleared of sensitive information, encrypt communications, and remove batteries to prevent tracking of movements, the report says, citing global travel advice published by the U.S. Office of the National Counterintelligence Executive.
If it sounds like avoiding surveillance will become its own Olympian feat (and ruin the fun), the report has one bit of sensible advice: ”Leave behind all non-essential electronic devices when traveling to Sochi.”