Cyber threats we can expect at the Paris Olympics
Nation state-sponsored threat actors, organized cybercriminal cartels and hacktivists are expected to be active during the upcoming 2024 Paris Summer Olympics and Paralympics, which will be hosted against a fractured geopolitical landscape, including Russia's war in Ukraine and Israel's conflict with Hamas. There will likely be three types:
Nation-state sabotage: Russian nation state-level cyber units will likely attempt to sabotage the 2024 Games, something that we have already observed in previous years during both the 2018 Winter Olympics as well as the 2020 Tokyo Summer Olympics in which Russia’s GRU military intelligence service engaged in cyber reconnaissance, targeting officials and organizations involved in the events. With Russia being suspended from participation as a sanction from the International Olympic Committee for its invasion of Ukraine, operations launched by Moscow-aligned cyber forces, such as Sandworm (a group that attacked previous events with the “Olympic Destroyer” malware), will likely surge in retaliation. Motivation for these efforts would likely include retaliation, damaging the reputation of the Paris Olympics to promote its own 2024 World Friendship Games in September, and to counter French President Emmanuel Macron’s pro-Ukraine position.
Ransomware: Ransomware attacks could cripple critical systems by encrypting data, whilst demanding ransoms to restore access through extortion efforts, potentially disrupting event schedules with delays.
Data breaches and scams: The Games will also provide a rich environment from which organized cybercriminal cartels will likely conduct widespread phishing operations, preying on vulnerable spectators throughout the summer period. The 2024 Games will provide financially motivated hackers with the opportunity to target the retail sector, which will likely involve fraudulent online ticket sales with the objective of financial data and credential theft. These efforts will likely be primed by the sheer quantity of personal data available for compromise with thousands of athletes and officials present, as well as millions of spectators expected in attendance.
Critical infrastructure attacks: With the Olympics relying on a range of critical infrastructure assets, politically aligned hacktivists’ distributed denial-of-service (DDoS) attacks will likely target energy grids and telecommunication networks which would result in the disruption of venue lighting and live streaming, severely hampering the event experience for spectators globally. Transport hubs would also likely be a prime target with France expected to see a significant influx of foreign visitors, including spectators, athletes, government officials, and journalists.
Event organizers have previously fallen short with executive support for robust cybersecurity strategies, availability of financial resources and human expertise, and sharing of intelligence. Fortunately, Paris 2024 organizers have been proactive and seem to have these bases covered. The ever-evolving threat of cyber-attacks has resulted in the International Olympic Committee implementing cutting-edge defense mechanisms, to ensure the Games allows for the demonstration of athletic excellence whilst maintaining the highest level of cyber resilience. With President Macron stating that securing the Games is of paramount importance, training protocols to secure the event have already been put in place with artificial intelligence (AI) being leveraged for threat assessments and triage, as well as ethical hackers being recruited to stress test the security of the Olympics’ digital infrastructure.
The criticality of cybersecurity and law enforcement collaboration cannot be emphasized enough when it comes to ensuring the success and security of the 2024 Paris Summer Olympics. International agencies should raise public awareness of these cyber threats so that organizations with a business presence in the region can remain vigilant throughout the summer period to avoid potential business disruption.
These operations are already in place with event organizers collaborating with law enforcement and ANSSI (French National Agency for Information Systems Security to mitigate the impact of the anticipated cyber-attacks. The joint effort will involve the Technology Operations Centre (TOC), opened by international IT services company, Atos, the Cybersecurity Operations Centre (CSOC), set up by global cyber security company, DataDome, and Portugal’s National Strategic Command Centre (CNCS) coordinating in operational centers at undisclosed locations around Paris.
Image credit: KaviDesigns345/depositphotos.com
Craig Watt is a Threat Intelligence Consultant at Quorum Cyber, specializing in strategic and geopolitical intelligence.