Cyber Threats Loom Over 2024 Paris Olympics

As the 2024 Paris Olympics draw near, the cyber threat landscape is becoming increasingly precarious, with concerns over fraudulent activities and potential state-sponsored cyberattacks. Proofpoint released a security brief identifying a fraudulent website mimicking an official Olympic ticketing portal, which was aggressively promoted through search engine ads. This site, designed to phish for personal and payment information masquerading as a portal for the sale of tickets to unsuspecting victims, demonstrates the active cyber fraud activity associated with high-profile events. "Fraudsters will always capitalize on current events and the upcoming Olympic Games is no exception," said Proofpoint researchers. According to French authorities, the French Gendarmerie Nationale has taken down hundreds of fake Olympic ticketing sites in recent months, with a count of 338 fraudulent ticket sale websites identified for the Olympics.

Adding to the cyber threat activity, The Record reports a surge in state-sponsored cyber activities aimed at the Olympics, with Russia prominently mentioned due to geopolitical tensions. Russian influence operations are ramping up, involving disinformation campaigns that seek to undermine the Games and damage the reputation of France and its allies. "In fact, Russia has a longstanding tradition of seeking to undermine the competition, and this year the Kremlin has even more reason to be angry," The Record explains, since Russian participants will be unable to represent their home countries, entering the competition under the status of “individual neutral athletes.”

Russian cyber efforts are not just limited to influence but extend to espionage and potentially disruptive cyberattacks. While Recorded Future notes the absence of any current major cyber espionage or destructive campaigns directly targeting the Olympics, the possibility remains open, particularly given the historical context of Russian cyber activities around global sporting events. "As of now, Recorded Future researchers said they are not aware of any 'imminent, planned, or ongoing' state-sponsored destructive or espionage campaigns linked to known state-sponsored groups targeting the Olympics, its organizers, or sponsors. However, they do not rule out the possibility of such attacks."

Lastly, ransomware threats cannot be ignored, with cybercriminals likely targeting businesses associated with the Olympics to exploit the urgency and visibility of the event for financial gains. The sectors most at risk include transportation, hospitality, and public services, which are essential to the execution of the Games and will be under pressure to avoid operational disruptions. The overall cyber threat landscape for the Paris Olympics is a complex mix of fraud, espionage, and financial crime.