Cyber security company Palo Alto Networks has published a report analyzing potential cyber threats to the Paris Olympic Games and the risks these threats pose to participants and audiences. It appears that not everyone involved in the games has good intentions.
According to the report from Palo Alto Networks the largest global sporting event faces significant IT security challenges that affect both participants and spectators remotely.
- Major international events such as the Olympic Games are often targets for cybercriminals. These can either try to trick an enthusiastic audience with fake offers and emails or generate attention through disruptions such as overload attacks. Even if the games themselves are a goal, it is rather activities around the event that should be most concerned, says Åsa Edner, head of Sweden at Palo Alto Networks.
The report indicates that a direct ransomwareattack on the Olympics is unlikely. Instead, it is more likely that companies involved in the arrangements, such as streaming services that broadcast the competitions, could be subject to attacks. These indirect attacks can have significant consequences for the companies themselves, the participants, the audience and the viewers.
The Olympics are a clear target, and the report suggests that pro-Russian hackers in particular may seek to influence the event. Financially motivated cyber-attacks are expected, with fake tickets being a classic example of greedy fans being duped. But the report also points out that state-backed actors, particularly pro-Russian hacktivists, are likely to try to disrupt the Games or use the event's prestige to cause harm.
- Financially motivated attacks are the biggest threat. Cybercriminals can trick people into buying fake tickets and exploit the Olympic name. At the same time, there is a significant threat from hostile, state-sponsored groups. We have seen an increase in cooperation between hacktivists and state-backed Russian groups over the past two years, blurring the line between activism and state threats, says Åsa Edner.
It is expected that Russian state-backed groups will try to damage the games, while pro-Russian hacktivists, who may lack advanced resources, may use simpler methods such as overload attacks. These can lead to major delays or even the shutdown of important functions, such as air traffic to and from Paris, payment services, or the event's app and website.
The majority of the expected attacks will primarily affect France, but Swedish companies and citizens participating in or witnessing the games should also be aware.
- Swedish companies participating in the games must be prepared for increased cyber security pressure. It is important to prioritize security throughout the event, closely monitor networks and services to detect anomalies, and implement secure login with multi-factor authentication where possible. It is also crucial to train the staff to prevent them from going to fake emails, concludes Åsa Edner.