The Paris 2024 Olympics is a global event and therefore a prime target for hackers and cyber criminals. From state-sponsored attacks to financial scams, the risks are vast. This article covers the key cyber threats targeting the Paris 2024 Olympics.
Key takeaways
- State-sponsored cyber threats, particularly from Russia, China, Iran, and North Korea, pose significant risks to the Paris Olympics, with potential targets including event organizers, sponsors, and government agencies.
- Hacktivism and financially motivated cyber threats are expected to exploit the high-profile nature of the Olympic Games, with groups likely to use the event to further their agendas and conduct operations such as ransomware attacks and phishing scams.
- Robust risk mitigation techniques, including incident response plans, employee training, and advanced security technologies, are essential for effectively reducing cyber threats during the Paris Olympics.
Cyber landscape shaped by geopolitical tensions
This year's Olympic Games took off in the middle of geopolitical crisis. Due to the current situation and experience from the previous Olympics in Tokyo, which saw a staggering 450 million reported cyberattacks, the organizers of the Paris Olympics anticipated a rise in cyberattacks and an increased cyber threat. Prior to this year's opening ceremony, Bruno Marie-Rose, Director of Technology at the Paris 2024 Olympics, warned that he predicts eight to ten times more cyberattacks than was seen in the Tokyo Olympics.
This means that the French capital and organizers of this year's Olympics have taken many precautionary measures to protect against cyberattacks. Yet, the rapidly evolving threat landscape and the sophistication of modern cyber threats pose significant challenges. France has already reported 68 cyberattacks linked to the Olympics, including two targeted at Olympic sites at Bercy and La Villette.
In addition to traditional cybersecurity measures, the organizers have implemented advanced threat detection systems, real-time monitoring, and continuous collaboration with international cybersecurity agencies.
In the following, we cover specific threats targeting a major global event like the Olympic Games.
State-sponsored cyber threats
State-sponsored cyber threat actors pose a significant risk to the Olympics, with threats ranging from sabotage to espionage aimed at undermining the event’s success. High-profile global events like the Olympics are appealing targets for cyber disruptions, which can have significant psychological and reputational impacts. These cybersecurity threats could potentially target not only the event itself but also sponsors, government agencies, and other organizations involved. State-sponsored threat actors may target the Olympics to gather sensitive information that supports their national interests.
Threats against the 2024 Summer Olympics likely include destructive campaigns by state-sponsored actors from various nation-states. Russian cyber operations pose the highest risk. While threats from other states are considered lower, their potential impact remains significant.
Russian cyber operations
Russian state-sponsored groups are expected to conduct disruptive operations during the Paris Olympics, influenced by ongoing geopolitical tensions. The discord between Russia and France over the Ukraine conflict is likely to elevate the threat of pro-Russian hacktivism, with narratives reflecting Russia’s grievances regarding their athletes’ participation restrictions due to international sanctions.
Cyber espionage and influencing public perception
State-sponsored cyber threat actors may focus on collecting sensitive intelligence rather than executing disruptive operations during the Olympics. Potentially, nation-states could exploit the event to strengthen their messaging against Western narratives and promote their own viewpoints.
State-sponsored threat actors may also see the Olympics as an opportunity to enhance their operations and visibility. They may exploit the heightened attention and scrutiny of the Olympic Games by targeting civil society organizations, aiming to influence public perception.
Hacktivism and information warfare
Hacktivism and information warfare pose significant risks to the Olympic and Paralympic Games, with hacktivist groups likely to exploit Olympic-themed content to further their agendas. High-profile operations aimed at disrupting the games can draw attention to their causes and promote their narratives. The antagonistic relationship between Russia and Europe, coupled with perceived grievances regarding athletes competing as neutral, may increase the level of threat from hacktivist groups.
The hacktivist threat to the Olympics is elevated due to a history of targeting previous games. Pro-Russian and other hacktivist groups are expected to be particularly active, leveraging the high-profile nature of the event to amplify their messages.
Furthermore, geopolitical tensions often manifest in the form of disinformation campaigns. The Olympics is therefore likely to be a target for spreading fake news, false results, or misleading information to create chaos, confusion, and distrust among the public and participants.
Pro-Russian hacktivism
Identified pro-Russian hacktivist groups targeting the Summer Olympics include:
- Anonymous Sudan
- Cyber Army of Russia Reborn
- NoName057(16)
- UserSec
- Server Killers
These groups are expected to conduct frequent, moderate severity threats, promoting narratives that are pro-Russia, anti-Ukraine, and anti-Western. Other groups supporting China, Iran, and North-Korea are also expected to utilize Olympic narratives to promote their own ideologies. Generally, hacktivist operations may attempt to instigate unrest by utilizing Olympic narratives to influence local sentiments.
Financially motivated cyber threats
The 2024 Olympics are anticipated to generate billions in revenue, making them an attractive target for financially motivated cyber criminals. These cyber threats are expected to be opportunistic in nature, with cybercriminals looking to exploit vulnerabilities for financial gain. Typical tactics include malware infections, ransomware attacks, and various forms of social engineering. Cyber criminals also create fraudulent websites that spoof everyday services like email, online shopping, and banking to exploit consumer data.
Corporate Account Takeover (CATO) attacks often involve malware infections through email or websites, leading to unauthorized transactions and significant financial losses for businesses. Weak computer safeguards and minimal controls over online banking make businesses prime targets for CATO attacks.
Ransomware attacks
Ransomware attacks on critical systems are becoming more frequent, with cybercriminals demanding payment for restoring access. Preventative measures include employee training and strong information security controls, along with incident response planning and business continuity plans.
ATM Cash Out schemes
ATM Cash Out schemes exploit vulnerabilities in ATM machines, allowing for fraudulent transactions that can result in significant financial losses. Fraudsters can manipulate machine settings to enable withdrawals that exceed account balances, leading to unauthorized access to funds.
Phishing attempts
Phishing scams during the Olympics often involve impersonating official organizations to trick individuals into providing sensitive information. The primary aim of these phishing attempts is to steal bank details and login credentials from unsuspecting victims.
Distributed Denial of Service (DDoS) attacks
DDoS attacks aim to make online services unavailable by overwhelming them with traffic. Such disruptive cyberattacks can negatively impact the reputation of the Olympics, disrupt experiences for attendees, and lead to financial losses. Due to the high-profile nature of the event, a DDoS attack is a significant threat.
Service disruptions from these attacks can affect operational continuity and harm a brand’s reputation by eroding customer trust. The 20% year-over-year increase in DDoS attacks underscores the growing threat to online services.
Botnet utilization
Cyber attackers often form botnets by hijacking numerous devices, including IoT devices, to conduct large-scale DDoS attacks. Infection through malware is a common method for creating botnets used in DDoS attacks.
Mitigation strategies
Proactive measures are crucial for effectively mitigating the impact of DDoS attacks. Enhancing DDoS resilience involves overprovisioning resources to absorb traffic surges and using cloud-based scrubbing services to filter out malicious traffic.
Malware and data security
Malware, i.e. malicious software specifically created to inflict harm on computers, poses significant risks to the Olympics. This malicious software can compromise the confidentiality, integrity, or availability of data, making it a critical cybersecurity threat. Advanced Persistent Threat (APT) groups like APT44 have distributed various malware types targeting Olympic activities, affecting systems ranging from Windows to Android.
The use of ransomware, a type of malware that limits access to systems and demands ransom for restoration, is particularly concerning. Robust cybersecurity protocols and vigilant monitoring are necessary to prevent malware infections and ensure data security during the Olympic Games.
Spyware and data theft
Spyware poses a significant risk to the integrity of data related to the Olympic Games, often used for gathering sensitive information from officials and organizations. Cyber threat actors have an interest in using spyware to collect sensitive information related to the successful hosting of the Olympics.
Threats associated with apps
Apps linked to the Olympics, including official event apps and ticketing platforms, present a significant cyber threat. These applications, often downloaded and used by millions, become prime targets for cybercriminals aiming to exploit vulnerabilities.
Malicious actors can insert malware into fake versions of these apps, which unsuspecting users might download, leading to data breaches, identity theft, and unauthorized access to sensitive information. Additionally, legitimate apps may have security flaws that can be exploited to gather personal data, track user movements, or disrupt services.
Malicious code injections
Malicious code injections refer to the insertion of malicious scripts or programs into websites and systems, which can compromise data integrity and overall security during high-profile events like the Paris Olympics. Common types of malicious code that can be injected include cross-site scripting (XSS), SQL injection, and remote scripts that can exploit vulnerabilities in web applications.
Protection measures
Using input validation and sanitization techniques helps prevent malicious code from being executed in applications. To guard against malware, one should avoid downloading software from untrusted sources.
Summary
In summary, the Paris 2024 Olympics face a multifaceted cyber threat landscape shaped by geopolitical tensions and the evolving nature of cyberattacks. Proactive measures, international cooperation, and continuous vigilance are crucial to ensuring the security and success of this global event.
Frequently asked questions
What are the main cyber threats to the Paris 2024 Olympics?
The primary cyber threats to the Paris 2024 Olympics encompass state-sponsored operations, hacktivism, financially motivated cybercrime, DDoS attacks, and malware infections. It is essential to remain vigilant against these varied risks.
Why are the Olympics an attractive target for cybercriminals?
The Olympics are particularly appealing to cybercriminals due to the substantial revenue generated and the extensive global attention, which create numerous opportunities to exploit vulnerabilities for financial gain, among other things.
How can individuals protect their data while using Olympic apps?
To protect your data while using Olympic apps, it is essential to download them from trusted sources, utilize strong passwords, and enable two-factor authentication. It is also important to pay attention to privacy settings and tracking.
Emilie Hartmann
Emilie is responsible for Moxso’s content and communications efforts, including the words you are currently reading. She is passionate about raising awareness of human risk and cybersecurity - and connecting people and tech.
View all posts by Emilie Hartmann