The 30th Summer Olympics games are ongoing in France capital city of Paris. 15,000 athletes from across the world are expected to take part in the month-long event. During this period, Paris usually one of the most visited cities annually, is expected to host more than 15 million tourists. As such, France is facing the threat of both physical attacks and cyber-attacks.
READ: Paris 2024 Olympics Faces Major Online Backlash For Opening Ceremony
In the current era, Olympic Games are primarily technology events as the whole organization relies on digital technology. Consequently, cyberattacks targeting the Olympics could disrupt a wide range of operations, from event planning and ticket sales to city infrastructure and the experiences of athletes and spectators. Paris Olympics sponsors could also be a target.
Beyond financial gain, malicious actors may exploit the event for political or ideological purposes. After the Crowdstrike issue recently, France’s cyber experts are also wary of human error.
The risk of foreign interference or a terrorist attack remains high, “the threat is real and constant, it hasn’t changed for several years,” says Wassim Nasr, a journalist from FRANCE 24.
“We are ready and we will be ready throughout the Games,” French President Emmanuel Macron said on Monday.
Confirmed Cyber Attack Incidents
Threats to the game are not just likely but already there have been recorded incidences. In March 2024, the French government issued a warning that several government agencies had experienced a DDoS attack, which, while using familiar technical methods, was of unprecedented intensity.
On Thursday, Paris Prosecutor Laure Beccuau announced a large-scale operation launched to eliminate a computer virus that had compromised millions of systems globally, including a substantial number in France.
“On the eve of the opening of the Olympic Games, this operation demonstrates the vigilance of the various players, in France and abroad, mobilised to combat all forms of cybercrime,” Beccuau said.
Fake news and disinformation campaigns have also intensified on digital platforms. Last week on Wednesday, a video posted on X, allegedly showing a Hamas member threatening France, has garnered over 14 million views. The footage depicts a man with his face concealed by a keffiyeh, displaying a Palestinian flag on his chest, condemning France for its support of Israel. He then holds up what appears to be a decapitated and bloody head of “Marianne,” the symbol of republican France. This is what espionage experts refer to as a “false flag” operation, intended to mislead or incite conflict.
French Mobile phone and internet Cables Cut
Yesterday, French Police confirmed several telecommunications operators faced disruptions after fiber optic cables were “sabotaged” across six regions in France. The major fibre optic cables, particularly those connecting the 4G network, were cut between on Sunday night (July 28) and Monday morning. Disruptions were reported on the network operators Free, SFR, Orange and Bouygues.
Calling the attacks “cowardly and irresponsible”, Marina Ferrari, Secretary of State for Digital Affairs, confirmed the incidents saying, “Damages committed in several departments last night affected our telecommunications operators,“
Sabotage of multiple high-speed rail lines created widespread disruption at train stations on the eve of the Olympics. This attack on critical infrastructure came after a mobile phone mast was destroyed in Saint-Orens de Gameville, causing a major communications blackout on July 24th. An anarchist group claimed responsibility for the mast attack, stating it was a protest against the Paris Olympic Games.
Paris Olympics Possible Cyber Threats
According to Mandiant Intelligence, financially driven actors pose a somewhat significant threat to the security of the 2024 Summer Olympics. A busy competition means that large amounts of financial transactions will be conducted. Opportunistic actors may take advantage with the hope of gaining profit.
Ransom and extortion are one major threat that the Olympic host is familiar with. Globally, France is the fifth most frequent target of cybercriminals using ransomware and data extortion. It is suspected that cybercriminal groups active in France in the past will intensify their activities during the summer games. Financially-motivated actors may target the Olympics to steal Personal Identification Information (PII).
Secondly, cybercriminals are drawn to the lucrative ticket market for major sporting events. They create fake websites to sell counterfeit tickets, taking advantage of high demand and the volume of financial transactions on third-party platforms. As a precaution, the official Olympics website has warned the public in advance stating, “There is only one official ticket purchasing website for the Paris 2024 Olympic and Paralympic Games: tickets.paris2024.org. No other website has the right to sell tickets for the Paris 2024 Olympic Games and Paralympic Games,”
There is concern that many threat actors will target QR codes, which will be ubiquitous throughout Paris over the summer and even mandatory for parking in the capital.
Threat actors are likely to leverage public interest in the Olympics as bait for social engineering attacks, even if the ultimate target is something else entirely. The activities may include credential phishing, and distribution of Windows, MacOS, and Android malware. They are bound to use different ways to lure victims online then infect their devices with malware.
Hacktivism at the Olympics
The Paris Olympics take place at a period of heightened geopolitical tension. Hacktivists, who tend to rely on DDOS attacks, may strike the events. Distributed denial of service (DDoS) attacks are often considered mere annoyances in the cybersecurity realm, but when successful, they can significantly disrupt online services or live events. Hackers have increasingly turned to DDoS attacks, which inundate websites with malicious bot traffic, to attract attention or mask more extensive hacking operations
Hactivists are aware that media broadcasters don’t want their systems going down during an event. Futher, the ticketing systems don’t want to be down at that moment when 20,000 people are trying to enter a soccer stadium.
In early July 2024, Cyble researchers reported that the Russian hacktivist groups “People’s Cyber Army” and “HackNeT” conducted test DDoS attacks on French websites as a prelude to the Olympic Games. A FortiGuard Labs report revealed a dramatic rise in dark web activity focused on French entities in the second quarter of 2024, coinciding with heightened hacktivist operations.
The Cybersecurity Workforce
“A dream team of public and private organizations has been working together with the Agence nationale de la sécurité des systèmes d’information (ANSSI), France’s national cybersecurity agency, the International Olympic Committee, and the Paris 2024 Organizing Committee,” former FBI Special Agent Jason Hogg said, “to establish an enhanced Cybersecurity Infrastructure,” he added. The team has been preparing as hard as the competing athletes to ensure mitigating defences are in place.
After four years of constructing the Games’ network architecture with Cisco and Atos’ Eviden, Franz Regul leads a specialized cybersecurity team of 15 within the 3000-member Cybersecurity of The Paris 2024 Organizing Committee (COJOP) . The team is also supported by volunteers.
French cybersecurity agency (ANSSI) is COJOP’s single point of contact with the French government. ANSSI was assigned the mission to secure the games back in 2022. ANSSI additionally serves as the head of the CNSJ, a civilian task force responsible for securing Olympic and other international sporting events.
ANSSI and the CNSJ collaborate with the CNCS, which includes the UNCyber – France’s military cyber command. ANSSI’s workforce has expanded to 630, ready for deployment during the Games, while UNCyber’s personnel has grown from 330 to 1000. This combined force of civilian and military cyber experts is protecting the Games.
Paris Olympics Cybersecurity Strategy
To ensure the security of the Games, efforts are focused on bolstering defences against cyber threats, safeguarding critical IT systems, and protecting sensitive information. A robust plan for responding to cyberattacks has been developed, and public awareness of potential cyber risks is being heightened.
For instance, a segmented network architecture has been implemented. The comprehensive incident response plans put in place are regularly tested through simulations. Additionally, a robust threat intelligence sharing program is operational. The Olympics has also launched an online resource centre for those concerned about cybersecurity during the Games.
A fortified system for tracking, alerting, and addressing IT security incidents has been deployed by COJOP, ANSSI, and other French government bodies to manage the increased cyber risks. The ANSSI, CNSJ, and France’s Ministry of the Interior have collectively identified 700 organizations requiring support, categorizing them into three groups:
- Entities essential for organizing the Olympics, including the ticketing portal, logistics platforms and solutions, and athlete access systems to accommodation and sporting infrastructure.
- Entities that are particularly sensitive, such as infrastructure operators like transport, hospitals, administration, and sporting facilities.
- Other organizations associated with either the Games or France, including sporting providers and companies operating within the country.
Dedicated Budget
Approximately eighty high-priority organizations have undergone system audits by ANSSI and receive ongoing technical support from them. During the Games, COJOP will be responsible for their cybersecurity. Nearly one hundred organizations are classified as sensitive and share security responsibilities between COJOP and ANSSI. These sensitive entities have also benefited from a dedicated €10.1 million ($11 million) cybersecurity support program spearheaded by ANSSI.
Lastly, nearly 500 organizations, including host communities, transport operators, and certain media outlets, are classified under category three.
While the range of cyber threats targeting the Olympics has expanded, the security community is significantly more prepared than in past Games. By analysing previous attacks on Olympic events, valuable insights have been gained into potential attack vectors.