Cyber threats loom as Paris Olympics draw near millions of fans

The Olympic Games in Paris are a significant event for all sports fans. However, one must not forget about IT security, as the event also attracts cybercriminals.

The Olympic Games draw the attention of millions of viewers worldwide. Many of them sit in front of their televisions to watch the athletes' competitions live. The opening ceremony, scheduled for July 26, 2024, is expected to attract about a billion viewers. This immense interest in the event leads to an increase in cybercriminal attacks.

“The Olympic Games are not just a major sporting event; they also influence the general perception of the host country on the international stage. Any incident that questions the level of preparedness for the competition can be used to undermine the global position of the country. In France's case, internal political tensions and difficult relations with countries like Russia further increase the risk,” notes Tim West, Director of Threat Intelligence at WithSecure.

Russian attempts to disrupt the Games are nothing new. In June, Microsoft described a Russian disinformation campaign targeting the organization of the Games, which used a deepfake featuring Tom Cruise. WithSecure experts point to a high probability of cyberattacks commissioned by Russian authorities. The main goal of these attacks is to compromise France and the International Olympic Committee, as well as to demonstrate Russia's strength on the international stage.

Geopolitical turmoil surrounding the Games and their international publicity will attract hacktivists—groups of cybercriminals acting out of ideological rather than financial motivations. Hacktivists have been particularly active online since the outbreak of armed conflicts in Ukraine and Israel.

Hacktivists will undoubtedly seek to exploit the Olympics to promote their social and political goals. Many groups' motivations and actions may align with Russia's strategic political goals. In recent years, numerous pro-Russian hacktivist groups have been involved in attacks aiming to support Russia's interests and destabilize opponents. In April 2024, Mandiant reported on three groups attacking strategic networks and internet services vital to Ukraine. There is a real risk that Russia will want to expand its influence on other criminal groups to enhance its cyber warfare activities, emphasizes Tim West.

Hacktivists' goals vary. Some aim to destabilize a country's internal situation by attacking its energy and telecommunications infrastructure. Other groups seek international publicity to amplify their message, for example, by interrupting television broadcasts to air their own video content.

Cybercriminals may exploit security vulnerabilities to take control of organizers' official websites or critical infrastructure. A similar situation occurred during the London Summer Olympics in 2012 when hackers tried to cut off the Olympic Stadium's power supply.

Olympic fans may also become targets for cybercriminals. It is estimated that 15 million people will come to Paris for the Olympics, and around 13 million tickets will be sold. Among such a large number of interested parties, scammers will find it easier to target fans who caught up in the excitement of the sports, fall for fake offers of cheap tickets or accommodations.

Ensuring cybersecurity during the Olympics is a significant challenge for the organizers. As WithSecure experts point out, lessons from previous Games have been learned, and specialists responsible for protection are equipped with the necessary tools and measures to counteract attacks, ensuring adequate security.