The Paris Olympics is a prime target for cyberattacks. Learn why fans, athletes, and businesses are at risk and how to protect yourself.
Nobody pays to watch cybersecurity professionals monitor networks or update servers, but maybe we should.
After all, while the swimmers, runners, and other athletes at the Paris Olympics are the marketable stars, nobody would be in the French capital without dedicated IT professionals behind the scenes.
Well, that might be a stretch — and, yes, that’s a sports pun. The athletes might compete regardless of a network’s status, but the millions who want to watch the Games might be out of luck if a cyberattack strikes the games.
Olympic rings with targets inside
Something like that happened at the Pyeongchang Winter Olympics 2018, when a cyberattack knocked out broadcasts, shut down the official website, and messed with ticketing systems. The organizers of the Rio Olympics suffered a long-lasting DDoS attack before the 2016 games. The attack targeted commercial and otherwise organizations linked to the Games. During those same Olympics, Russian attackers stole athletes’ private medical data.
Also Read: Fortress Fallacy: Why Your Network Security Needs a Zero Trust Makeover
A massive team has assembled in Paris to try to prevent similar outcomes. France has placed its national cybersecurity agency, the ANSSI, in charge of protecting the Games from cyberattacks. The agency generally keeps a low profile, but many employees have undergone special training for the Olympics.
The overall cybersecurity effort is so large that analyst firm IDC predicts that the Games alone will boost security revenue in France by an impressive two percent overall, with an extra $94 million heading to security vendors and partners.
The effort isn’t overkill. Archery isn’t the only event in Paris that will involve targets. The truth is that each Olympic ring could easily have a target inside it for cyber attackers. In that spirit, here are five reasons why the Paris Olympics are facing a massive cyber threat.
Fans willingly give information to what they think are sports organizations.
The cybersecurity issue that’s likely to be most prominent at the Paris Olympics is a familiar one: phishing. As difficult as this might be to believe, phishing will likely be an even bigger security challenge during the Games than every day. Attacks tend to surge during major global sporting events, when fans might not pay as much attention to random messages as usual. The H1 2024 Acronis Cyberthreats Report reveals that phishing is still the No. 1 email threat, with attacks surging 293% from Q4 2023 to Q4 2024. Phishing will be an Olympic event in 2024.
Ticket scams are also a major issue with any big sporting event. Getting tickets to major sporting events such as the Olympics isn’t easy, and desperate fans can make for easy targets. The Games will almost assuredly bring out profit-seeking cyberattackers collecting personal information from fans by selling fake tickets (and making some money selling tickets that won’t offer access to an event or never even arrive.)
Also Read: Next-Generation Cybersecurity Strategies: Safeguarding Against AI-Powered Threats
While phishing is a bigger threat, even data fans give to legitimate sports organizations could be perilous. Fans will gleefully sign onto waiting lists for tickets or buy tickets online, offering plenty of personally identifiable information (PII). Much of that information is gold for cyber attackers, and with sports organizations possessing so much PII, they know where to find and steal it.
Significant international events are great venues for spies.
Yes, really! Many dignitaries show up at the Olympics, sharing network resources. This situation is ripe for espionage, so the FBI urged athletes to use “burner” phones rather than their regular devices at the 2022 Winter Olympics in China. Granted, Paris isn’t Beijing, but the world’s intelligence agencies will be on alert for physical and virtual threats.
New technologies can introduce new vulnerabilities.
The Canadian Centre for Cyber Security points out that France now uses AI-based surveillance at events with more than 300 attendees, which will be in place at the Olympics. Unfortunately, these kinds of technologies aren’t always completely locked down. In 2021, cyberattackers took control of a different company’s smart cameras and gained access to customers’ audiovisual data. They also could prevent cameras from working properly and inject fake footage. New technology at the Olympics will no doubt be a target for adventurous attackers.
Big events can make ransomware more profitable.
There is never a good time for a cyberattack to close a business, but when tens of thousands of people are in town for the Olympics, staying up and running is even more important than usual. Ransomware attacks can potentially put local businesses in Paris in a real bind; they can’t afford to shut down during an event that could make or break them, so they might be more likely to quickly pay a ransom than they would be at another time.
There will be no time for negotiation or remediation. IDC reports that only about half of large enterprises in France believe they have sufficient threat-hunting or threat intelligence skills. Worse, fewer than 20 percent of French businesses would label their cybersecurity posture as “mature or better,” the firm reveals. Smaller businesses with less cybersecurity protection are even more likely to become victims.
The Olympics provide a platform for shock value.
Whenever the world comes together to watch an event, somebody will want to get attention by messing with the proceedings. That makes the Olympics an obvious target for troublemakers who might be more interested in exposure or sending a message than making money. Rogue nations could, and probably will, seek to disrupt the Olympics as a slap in the face to their political enemies or to make certain economically powerful countries look vulnerable.
Also Read: Paris Olympics on High Alert: Bracing for Unprecedented Cyberattacks
Or consider the stars of the show: the athletes. An attacker could use plenty of sensitive information to blackmail or expose them. A breach at the World Anti-Doping Agency in 2016 exposed the medical information of several major sports personalities.
Cybersecurity is a daily event for businesses
The Olympics happen only once every four years, so would-be attackers will likely be primed to cause trouble on a global stage. However, for businesses, cybersecurity is a daily event. And the steps they need to take to keep their data secure aren’t unlike those Olympic cybersecurity experts will likely take.
Essential elements such as threat intelligence and monitoring, strong intrusion detection, reliable incident response, and secure backup will never cease to be important. Businesses need to implement them and keep them up and running.
IT professionals need a proven cybersecurity service offering critical capabilities and management features that simplify administration. Acronis Cyber Protect delivers complete protection from cyber threats in a single solution. Secure backup, extended detection and response (XDR), and remote endpoint monitoring and management—among other capabilities—keep data safe, and a unified interface for administration keeps management simple.
