NBC Nightly News broadcast a very alarming report last week ahead of the Olympic Games in Sochi, showing just how quickly reporter Richard Engel’s phone and laptop were attacked by malware upon his landing in Russia. A digital security expert then poked holes in the report–but NBC stands by it.
But, as Russell Brandom at The Verge pointed out over the weekend, taking precautions against hackers overseas is just a matter of common-sense Web hygiene; surveillance by the Russian government, on the other hand, is a far bigger concern. The US State Department has warned that Russian law “permits the monitoring, retention, and analysis of all data that traverses Russian communication networks,” and that travelers should not communicate with any expectation of privacy. A Guardian report revealed a government surveillance program in place for the Sochi Games that was likened to “PRISM on steroids.”
Sports reporters traveling to Sochi last week went overseas with varying levels of preparedness and paranoia. Some reporters are using burner phones and Russian SIM cards, and traveled with brand new laptops containing no data. Others aren’t taking any precautions at all besides crossing their fingers and hoping for the best.
As would be expected, the types of precautions seem to depend on the size and resources of their news organizations, and the types of reporting they’re doing. For instance, everyone I spoke to seems to know they should be aware of the risk of hackers looking for bank account information, but not everyone thinks he or she would be a target for government surveillance. Most of the press is just covering sports events, after all.
“I don’t really care if the Russian government is reading everything I write,” wrote Grantland’s Katie Baker in an email. “I care slightly more about whether Eastern European hackers are draining my bank account.” Baker did say, though, that she was avoiding public Wi-Fi, and considering wiping her devices clean before heading back home.
Michael C. Lewis from the Salt Lake Tribune described some simple, common-sense precautions he took before he traveled, including removing all sensitive and personal information from his laptop, remembering not to auto-save his passwords, and saving all of his personal information on an external zip drive that he keeps separate from his computer. He developed most of those methods after his laptop was stolen out of the press room at the Olympics in Turin in 2006 rather than in response to a concern about being hacked.
“All of that probably sounds pretty naïve…but broadly speaking, I just don’t worry that I have too much information on my computer that’s worth having,” Lewis wrote. “You watch now, though; I’ll turn around and be the next guy whose credit card information bought a Lamborghini and a trunk full of beluga caviar.”
The larger organizations are likely taking more precautions, but were also less likely to want to talk about what those precautions were. The New York Times, Sports Illustrated, and ESPN all responded to questions with official “no comment” lines or else told their employees not to talk. Many others did not respond at all to requests for interviews.
To circumvent public Wi-Fi networks while covering the games, Yahoo Sports reporters are using VPNs and encrypted Web dongles that allow for private, secure communication. “I think it helps that I work for a technology company that considers these things, and that appreciates security, and understands how easy it can be for really computer savvy people, and there are a lot of them here, to just go and take whatever they want from you,” said Yahoo reporter Jeff Passan.
Private Wi-Fi definitely seems like a good idea, but what if it gets you in trouble with your hosts? Charles Robinson, also of Yahoo Sports, tweeted out a photo on Friday of a Russian organizer walking around the press room checking computers for private Wi-Fi hotspots. “There is a big conversation taking place now in Russian where he appears to be identifying people he wants thrown out,” Robinson wrote in another tweet. He took a picture of a sign on the wall that read: “The use of private wireless access points (Wi-Fi) is strictly forbidden unless approved by the Spectrum Management Team.”
As funny as the term “Spectrum Management Team” is, it indicates a concern that all the private hotspot signals will interfere with and slow down the public Wi-Fi that everyone else is using. But some reporters suspect that the real issue is either money (the organizers want to coerce people into buying higher-speed WiFi packages, rather than have them use their own) or control (the Russian government wants to spy on people through the wireless networks that they oversee). Either way, most people I spoke to are paying the same level of attention to the Spectrum Management Team sign as they are to those now-infamous signs with toilet instructions.
Some reporters have changed the way they think about digital security just in the past few days, after seeing what other Olympic visitors are doing to protect themselves. Tripp Mickle, a staff writer at Sports Business Journal, said he has taken note of corporate guests in his hotel who are using burner phones with Russian SIM cards bought upon landing. He says he feels a little bit naïve about his own preparations and precautions, but that he’s starting to think differently now.
“I realized yesterday that any sensitive conversations I plan to have–and that happens some, when you’re covering the business and logistics of an Olympics–need to happen in person,” wrote Mickle. “I am going to be vague in emails and phone calls and try to meet with people in person for conversations when possible.”
Mickle isn’t alone in having a more robust sense of (appropriate) paranoia than he previously had. Many reporters say that they’ve been thinking differently about their reporting processes, at home as well as overseas, ever since Edward Snowden first started to reveal the scope of NSA surveillance last year.
“With so much of the NSA stuff that’s gone on at home, at least I know this is the case for me, I’m always thinking that my computer or phone or whatever is potentially being looked at,” said Yahoo’s Jeff Passan. “Whereas a year ago, if somebody said that, they would have sounded paranoid, I think right now, everybody, whether it’s American or Russian or otherwise, probably thinks the same way.”
Lauren Kirchner is a freelance writer covering digital security for CJR. Find her on Twitter at @lkirchner