Friday 9 August
It's the 2024 Paris Olympics.
Cyber threat actors around the world have diligently taken advantage of the heightened digital and economic activity around the global event to achieve their financial and political ends.
As the Olympics draw to a close, let’s look at some cyber incidents and events that have unfolded over the past few weeks.
1. Ransomware
August 6 – The central network of around 40 Paris museums were hit with a ransomware attack, including Olympic venue Grand Palais. The attack did not affect the Olympic events. Paris police are now investigating the incident. Reuters
2. Data breach
July 26 – Several Israeli athletes’ sensitive personal data such as blood test results and login credentials were leaked on Telegram. The attacks are likely to have originated from Iran-backed groups amidst escalating tensions in the Middle East. Le Monde
3. Ticketing fraud
July 11 – Fake event tickets, merchandise, and mobile plan offers targeted fans as they prepared their trip to Paris. Authorities identified 338 fraudulent Olympics ticketing websites. Forbes / Kaspersky
4. Disinformation
In the days leading up to the Olympics, Russian influence actors – campaigns to deface the reputation of the IOC and to stir false fear among potential spectators of anticipated violence and terrorism in Paris. The groups’ tools included using AI and deepfakes to fabricate videos and news articles in English, French and other European languages to deliver anti-Olympics narratives. Microsoft
Takeaways
Big global events like the Olympics provide a massive attack surface. There is ample ground for bad actors to gain illicit profits, exert political influence, disrupt events and steal data. Vigilance and media literacy is key!
Further reading
Gold rush for data: Paris 2024 Olympic apps are eavesdropping on users – Ernestas Naprys, CyberNews
Phishing for Gold: Cyber Threats Facing the 2024 Paris Olympics – Mandiant (Google Cloud)