The next Olympic Games hosted in Paris will take place from 26 July to 11 August 2024, while the Paralympic Games will be carried out from 28 August to 8 September 2024.
Paris 2024 estimated the number of spectators for the next edition to be 9,7 million on 40 Olympics sites.
Based on these observations and given the constantly evolving cyber threat landscape, we analysed cyber threats affecting previous editions of the Olympics, as well as the current geopolitical context to understand potential motivations of malicious actors to target this event, ranging from destabilisation to financial gain, and the techniques they leverage.
In a prospective approach, we analysed the different cyber operations likely to impact the 2024 Olympics depending on the objective of malicious groups.
To truly assess the potential cyber threats faced by the Paris 2024 Olympics, it's crucial to examine cyber campaigns that targeted previous Olympic events, from the first reported operations impacting Beijing 2008 to the last Winter 2022 Olympics, in Beijing again.
Shortly after the Winter Olympics held in Russia, a cyber espionage campaign was reported in open source, accusing Russian Intelligence services of gathering information on Olympics organisations, judges, journalists, spectators and athletes.
The 2018 Winter Olympics in South Korea were the first Games that reported being targeted by a large-scale destructive cyber operation - Olympic Destroyer, impacting multiple systems during the opening ceremony.
Like every past Olympic Games since 2008, opportunist lucrative cyber operations were reported, such as phishing campaigns.
Based on previously reported cyber operations impacting past Olympics, distinct trends have emerged, providing foresight into potential threats to the upcoming Paris 2024 Olympics.
Hacktivism campaigns, namely the use of cyber operation for political or social activism purposes, pose an increasing threat, the Olympics being leveraged as a tribune for political claims.
The 2024 Olympic Games in Paris will occur in a particular geopolitical context characterised by several open conflicts, ongoing as of December 2023, which oppose countries participating in the event.
As France amid NATO and Western states is supporting Ukraine in its defensive war against Russia, it is possible that the 2024 Paris Olympics will be targeted by Russian and/or Belarus cyber operations as a retaliation measure - such as disruption and sabotage - to undermine the reputation of France.
As Bakou destabilisation operations were already reported, it is possible that the Paris Olympics might be targeted by malicious cyber or influence operations.
In July 2023, an operation linked to the Azerbadjanese company Mediamark Digital Agency also targeted France by sharing contents calling for the boycott of the 2024 Paris Olympics.
Cyber espionage campaigns can also take advantage of the attention concentrated on most visible threats during the Olympics to remain under radar and compromise critical targets.
At the dawn of the 2024 Olympics, SOCRadar identified domain addresses mimicking Paris 2024 themed legitime ones and linked to a website looking like a travel agency.
As of late 2023, Olympic cyber security authorities already registered several domain addresses related to Paris 2024 as a proactive measure to prevent typosquatting, nevertheless it remains a major concern as fake websites are easy to create both in terms of human and financial resources.
Given the criticality of potential disrupted service during the Olympics, especially during the opening ceremony, RansomDDoS is a technique that can impact Paris 2024.
On the cyber front, previous Olympics editions highlighted the recurrence of cyber threats affecting this major sporting event.
According to previous Olympics editions, cybercrime-related threats differ depending on the targets, ranging from the public to Olympic' infrastructure, but remain a persistent threat affecting the Games.
This Cyber News was published on blog.sekoia.io. Publication date: Thu, 04 Jan 2024 09:13:04 +0000