WithSecure warns that Paris 2024 faces a greater risk of malicious cyberactivity than previous Olympics

WithSecure warns that Paris 2024 faces a greater risk of malicious cyberactivity than previous Olympics

With the Paris Olympics approaching, WithSecure has issued an evaluation report, Olympics – Cyber Threats to Paris 2024, to alert businesses, organisations and the general public to the cyberthreats facing the Paris 2024 Olympics.

This report categorises threat actors into Russian/Chinese/Iranian/North Korean state hackers, hacktivists and cybercrime groups, and describes their attack intentions, capabilities and likely objectives.

Attackers seek opportunities to exploit people’s attention, such as the fraudulent sales of fake, cheap tickets or free tour notifications. They often target organisers and sponsors, hijack events or associated sites to send political messages, and hijack relay network equipment to gain a foothold for cyberattacks.

There is no greater world stage than the Olympic Games. More than 500 million more people watched the 2022 Beijing Winter Olympics than the 2022 football World Cup, and a further billion people watched the 2020 Summer Olympics in Tokyo. Meanwhile, organisers of Tokyo 2020 also reported facing 450 million cyberattacks – although this is a somewhat vague statistic, as it is hard to quantify a single unit of ‘cyberattack’.

“We strongly believe that the Paris Olympics will face a greater threat of malicious cyberactivity than previous Olympics,” predicts Tim West, Director of Threat Intelligence and Outreach at WithSecure. “Hacktivists aligned with states that are pro-Russia will almost certainly try to disrupt the Olympics in some way. We assess that the level of threat these groups pose to the Olympics is moderate.”

As this year’s host nation, France is acutely aware of the prestige that comes with hosting the Olympics. Hackers also know that rampant cyberattacks can diminish that prestige. As a result, the direct and indirect impact of successful attacks on individuals, companies and organisations can be immeasurable.

Below are some of the other evaluations pointed out by WithSecure in the report:

  • Network defenders involved in Paris 2024 are almost certainly well-equipped and prepared to mitigate Computer Network Exploitation (CNE) and Computer Network Attacks (CNA) operations.
  • WithSecure assess with moderate confidence that some nation-state-sponsored intrusion sets (China, Iran, DPRK) may have objectives that can be achieved by capitalising on the topic of the Olympics, however the threat posed from these to the Olympics itself is low.

“There are numerous threats to the Olympics, with varying levels of motivation and capabilities, and a successful cybersecurity operation will be a great challenge for the Olympic authorities,” said West. “This being said, the defenders will also be well-equipped and will be able to take advantage of the lessons learned from past Olympics.”

Browse our latest issue

Intelligent CISO

View Magazine Archive