Paris Olympics: Let the (Cyber Aggressor) Games Begin
Athletes are gearing up for the 2024 Summer Olympics, and so are threat actors.
The 2020 Summer Olympics in Tokyo was subject to more than 450 million attempted cyberattacks, according to NTT, telecommunications company and 2020 Tokyo Olympics partner. That onslaught of attacks is likely to manifest again for the 2024 Summer Olympics in Paris. While we can expect some familiar threats (phishing among them), 2024 is not 2020. Geopolitical tensions running increasingly high, and the explosion of AI, have thrown grease onto the raging fires of misinformation.
What can we expect from threat actors targeting one of the biggest international sporting events, and how can stakeholders safeguard the Olympic Games, athletes, and attendees?
The 2024 Threat Landscape
The Olympics represent a potential goldmine for financially motivated threat actors. Thousands of athletes and visitors will converge on Paris, a rich opportunity for scams leading up to and during the event.
“The biggest victims, in my opinion, would be people that are actually trying to buy online merchandise and buy tickets. If they get defrauded, if they get scammed into trying to buy fake merchandise, fake tickets, that's where you're going to see the biggest impact,” says Jon Clay, vice president of threat intelligence at cybersecurity company Trend Micro.
Attendees could easily click on malicious links or download fraudulent apps that trick them into sharing personal information and sending money, lured by false promises of tickets, access, and other perks related to the Olympics. Threat actors could also target athletes by seeking to steal their personal information.
Financially motivated threat actors likely set their sights on more than just individual victims. Direct ransomware attacks on the infrastructure of the games or the periphery of its events --businesses and critical infrastructure in Paris -- could be extremely disruptive and potentially lucrative if the victims pay the demanded ransom.
“A ransomware attack by somebody against a hotel chain could lead to issues with availability of hotel rooms. A ransomware attack on a public utility could have impact there, be it [on] public transportation or things like that,” Mark Manglicmot, senior vice president of security services at cybersecurity company Arctic Wolf, tells InformationWeek.
Money isn’t the only motivation threats actors may have for targeting the Olympics. Nation state actors and hacktivists could be circling the event and looking for ways to use it as a platform to deliver a message.
Six members of the Russian Main Intelligence Directorate (GRU) were charged with disrupting the 2018 PyeongChang Winter Olympics, among other cybercrimes. Malware, dubbed Olympic Destroyer, caused major disruption to the opening ceremony that year. Russian athletes were banned from competing in the Olympic Games under the Russian flag due to government-sponsored doping, according to the US Department of Justice press release.
In 2024, the Olympics will unfold on the world stage as the Russia-Ukraine and Israel-Palestine conflicts continue. “In preparation for the Olympics, I think that it's responsible planning to assume … that the conflicts going on will manifest themselves in the Olympic Games somehow,” says Karl Mattson, field CISO at API security platform Noname Security.
How could these conflicts manifest in cybersecurity incidents? For one, nation state actors or hacktivists could aim to take over websites associated with the Olympics to post messages about their cause.
Actors seeking to support a specific cause could opt also for disruption. A distributed denial-of-service (DDoS) attack could take down WiFi at the Olympics, for instance.
“It's very difficult to stop it because what the malicious actors do is, they deploy millions and millions of devices, and they start to flood to your communication network with legitimate requests,” says Taimur Aslam, CTO at cybersecurity company Cytex.
A cyberthreat that causes widespread disruption could have significant consequences.
“If the lights aren't working, if the electricity isn't working, if the internet isn't working, if the water isn't working, if the trains aren't working … there could be potentially [be] disruption to regular daily life, as well as a lot of the specific events related to the Olympic Games,” says Caroline Wong, chief strategy officer at Cobalt, a security services company. “It may be an opportunity for folks, whether they're trying to convey a message or prove a point or cause injury.”
The Olympics rely on IT and OT to operate, and the sprawling, connected networks that make this event possible have many potential vulnerabilities.
Clay points to IoT devices as potential points of vulnerability. “There's tons of those things being utilized nowadays. I think that is going to be a key piece that they have to look at,” he says. “Those are very difficult to manage and protect.”
The Olympic Games are massive in scale. It takes an army of vendors to make this international spectacle a reality, and that means each vendor adds another link to the supply chain and all the potential risk that it carries.
“Trying to encourage those third parties to have a high-level of cybersecurity is going to be important because there's going to be a lot of trusted linkages between all these companies and the possibility of something going back and forth that is malicious is pretty high chance,” says Manglicmot.
A New Playing Field
Cybersecurity threats are not new to the Olympics, but in 2024, there are fresh challenges. “I think the other factor that really can’t be ruled out this time around would be the prevalent use of AI that the adversaries are probably going to employ,” says Aslam. “I think that was something that was missing from the 2021 and the 2018 Olympics.”
AI is going to make it easier for threat actors to execute convincing phishing campaigns. This technology is erasing the telltale signs of old, like bad grammar.
“A phishing email five years ago would have involved a malicious person trying to convince their victim or their target that they were trustworthy and asking for information, “says Wong. “These days, those bad actors can use AI in order to make their emails sound convincing.”
Deepfakes now make it even more difficult to discern legitimacy from fraud when you are speaking to someone over the phone or even seeing them on a screen. Threat actors could use this easily attainable technology to sow disinformation during the Olympics, either in service of financial or political gain.
“The Olympics being a big topic, the crowds, the audiences, the eyeballs ready to receive messages, ready to put their attention to all things Olympics related, I do think there is a disinformation opportunity,” says Wong.
It is possible that the impact of a deepfake technology could bleed into the physical world. “[If] somebody dressed up as law enforcement comes on one of the billboards and announces something and it causes a stampede or something within the stadiums … I think something along those lines, we need to be on the lookout for,” says Aslam.
The Show Must Go On
A tidal wave of cyberthreats may be coming for the Olympics, but the games will go forward. The International Olympic Committee (IOC), the host city of Paris, the multitude of vendors supporting the Olympic Games, and individual athletes and attendees all have a role to play in recognizing and combatting these threats.
“The IOC does have a track record of a very positive interactions with the local host cities going back decades, and this I would not expect … to be any exception [or anything] other than for this to be an example of good public private coordination pre-event,” says Mattson.
The Olympics is set to kick off at the end of July, but preparation for security will have begun long before the opening ceremony. Mattson was in Los Angeles when the city was named the host of the 2028 Summer Olympics. “The preparation for safety overall begins the moment a city has been named as the host,” he shares. “At the time that Los Angeles was designated as the 2028 city … that [was the] moment that the safety and security of the Los Angeles Games in 2028 began the planning phase.”
The French Cybersecurity Agency (ANSSI), as well as cybersecurity companies Cisco and Eviden, are involved in cybersecurity operations for the upcoming Olympics, Reuters reports.
While the task of defending against these threats is a big one, it depends on many of the cybersecurity measures that we have come to recognize as essential for operating any enterprise or major event. Data backups, managed detection and response, system patching, management of third-party risk, penetration testing, and disaster recovery plans will all need to be in place to keep the games running as smoothly as possible.
While the IOC, Paris, Olympic vendors, and businesses will be critical in safeguarding the infrastructure of the events, individual athletes and attendees will have their own devices and potential vulnerabilities.
“One of the best preventative actions would be to educate all the athletes, educate all the visitors who are going there about the dangers of phishing, smishing, and to be on the lookout for any malicious activity that they noticed when they're using their own devices,” says Aslam.
Individuals attending the event will need to be cognizant of how they are interacting with technology at Olympics events. For example, public Wi-Fi, while useful, comes with risk.
“It's always a good idea to be aware of what type of activity any of us are conducting on public Wi-Fi,” says Wong. “For example, when I'm traveling and I'm using public Wi-Fi, I'm comfortable using my maps application to try and get me from point A to point B. I’m comfortable browsing social media and news websites, but I'm not comfortable performing banking transactions when I'm on public Wi-Fi.”
The Olympics are a monumental feat of athleticism and international cooperation. “The unique challenge that they face --most businesses are pretty static, physically, from where they're at–but sports teams, they're always on the move,” says Manglicmot. “So, they have to be vigilant all over the globe when they're traveling, and that's part of what makes the Olympics a fantastic customer and viewer experience, but also what makes it a little bit heightened of a cybersecurity risk for all involved.”
About the Author
You May Also Like
2024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022