Cyber threats at the Olympics

Big global events like the Olympics provide a massive attack surface.

Friday 9 August  

It's the 2024 Paris Olympics.  

Cyber threat actors around the world have diligently taken advantage of the heightened digital and economic activity around the global event to achieve their financial and political ends.  

As the Olympics draw to a close, let’s look at some cyber incidents and events that have unfolded over the past few weeks. 

 

1. Ransomware

August 6 – The central network of around 40 Paris museums were hit with a ransomware attack, including Olympic venue Grand Palais. The attack did not affect the Olympic events. Paris police are now investigating the incident. Reuters  

 

2. Data breach 

July 26 – Several Israeli athletes’ sensitive personal data such as blood test results and login credentials were leaked on Telegram. The attacks are likely to have originated from Iran-backed groups amidst escalating tensions in the Middle East. Le Monde   

 

3. Ticketing fraud 

July 11 – Fake event tickets, merchandise, and mobile plan offers targeted fans as they prepared their trip to Paris. Authorities identified 338 fraudulent Olympics ticketing websites. Forbes / Kaspersky  

 

4. Disinformation  

In the days leading up to the Olympics, Russian influence actors – campaigns to deface the reputation of the IOC and to stir false fear among potential spectators of anticipated violence and terrorism in Paris. The groups’ tools included using AI and deepfakes to fabricate videos and news articles in English, French and other European languages to deliver anti-Olympics narratives. Microsoft 

 

Takeaways

Big global events like the Olympics provide a massive attack surface. There is ample ground for bad actors to gain illicit profits, exert political influence, disrupt events and steal data. Vigilance and media literacy is key!  

 

Further reading 

Gold rush for data: Paris 2024 Olympic apps are eavesdropping on users –  Ernestas Naprys, CyberNews 

Phishing for Gold: Cyber Threats Facing the 2024 Paris Olympics – Mandiant (Google Cloud)