For a variety of malicious threat actors operating in and out of cyberspace, prominent events with large audiences, such as sporting events and elections, are prime targets for attack.
Cyberthreats to Paris
With the Paris Olympics approaching, WithSecure™ (formerly F-Secure Business) has issued an evaluation report, "Olympics – Cyber Threats to Paris 2024", to alert businesses, organisations, and the general public to the cyber threats facing the Paris 2024 Olympics.
This report categorises threat actors into Russian/Chinese/Iranian/North Korean state hackers, hacktivists, and cybercrime groups, and describes their attack intentions/capabilities/likely objectives.
Attacking opportunities
Attackers often target organisers and sponsors, hijack events or associated sites to send a political message
Attackers seek opportunities to exploit people's attention, such as the fraudulent sales of fake, cheap tickets or free tour notifications.
They often target organisers and sponsors, hijack events or associated sites to send political messages, and hijack relay network equipment to gain a foothold for cyber attacks.
Cyber-attacks
There is no greater world stage than the Olympic Games. More than 500 million more people watched the 2022 Beijing Winter Olympics than the 2022 football World Cup, and a further billion people watched the 2020 Summer Olympics in Tokyo.
Meanwhile, organisers of Tokyo 2020 also reported facing 450 million cyber-attacks - although this is a somewhat vague statistic, as it is hard to quantify a single unit of 'cyber-attack'.
Assessing threat levels
"We strongly believe that the Paris Olympics will face a greater threat of malicious cyber activity than previous Olympics," predicts Tim West, Director of Threat Intelligence and Outreach at WithSecure.
“Hacktivists aligned with states that are pro-Russia will almost certainly try to disrupt the Olympics in some way. We assess that the level of threat these groups pose to the Olympics is moderate."
Impact of cyberattacks
As 2024's host nation, France is acutely aware of the prestige that comes with hosting the Olympics
As 2024's host nation, France is acutely aware of the prestige that comes with hosting the Olympics. Hackers also know that rampant cyber-attacks can diminish that prestige.
As a result, the direct and indirect impact of successful attacks on individuals, companies, and organisations can be immeasurable.
Report evaluations
Below are some of the other evaluations pointed out by WithSecure in the report:
- Network defenders involved in Paris 2024 are almost certainly well-equipped and prepared to mitigate Computer Network Exploitation (CNE) and Computer Network Attacks (CNA) operations.
- WithSecure assesses with moderate confidence that some nation-state-sponsored intrusion sets (China, Iran, DPRK) may have objectives that can be achieved by capitalising on the topic of the Olympics, however, the threat posed by these to the Olympics itself is LOW.
Cyber security operation
"There are numerous threats to the Olympics, with varying levels of motivation and capabilities, and a successful cyber security operation will be a great challenge for the Olympic authorities," says West.
"This being said, the defenders will also be well-equipped and will be able to take advantage of the lessons learned from past Olympics," he concludes with optimism.
