#NSBCS.034 - Safeguarding the Games: Cybersecurity and the Paris 2024 Olympics
Source: NSB Cyber
Safeguarding the Games: Cybersecurity and the Paris 2024 Olympics
As the world eagerly anticipates the start of the 2024 Olympics, the global stage presents an opportunity for athletes to write their name in the history books. However, the global spotlight and large digital infrastructure surrounding the event creates a perfect storm, attracting threat actors who view the event as an opportunity to make a reputation for themselves also.
Past Lessons and Future Threats
Drawing lessons from past events like Tokyo 2020 and Rio 2016, the Paris 2024 Organising Committee is well aware of the diverse cyber threats that could disrupt the event. The Tokyo 2020 Olympics faced a staggering 450 million attempted cyberattacks - 2.5x up from the 2012 London Olympics - and are expected to grow this time around. Potential threats include DDoS attacks, ransomware, and cyber espionage targeting athletes and national teams (SC Media) (Security Magazine).
Distributed Denial-of-Service (DDoS) attacks overwhelm networks with a flood of internet traffic, aiming to disrupt online services. These attacks can cause significant disruptions to broadcasting, ticketing systems, and other critical online services during the Olympics. This was the case during the 2016 Rio Olympics, DDoS attacks targeted the official website, causing intermittent outages and affecting ticket sales.
By learning from past incidents and implementing advanced cybersecurity measures, the Paris 2024 Olympics aims to create a secure environment where athletes can focus on their performance and fans can enjoy the games without disruption.
Protecting Participants and the Public
Safeguarding athletes' personal and performance data is paramount for the 2024 Paris Olympics. Robust cybersecurity protocols are in place to protect sensitive information from unauthorised access and potential breaches, including encrypting data, ensuring secure communication channels, and implementing multi-factor authentication.
Public awareness campaigns play a crucial role in educating attendees about cybersecurity best practices. These initiatives help fans understand the risks of social engineering and phishing attacks, which are expected to be prevalent during the event, such as free airfare or ticket upgrades to deceive unsuspecting individuals into revealing personal information or clicking on malicious links.
Additionally, digital ticketing, payment systems, and streaming services are fortified against potential breaches. With millions of transactions and interactions taking place, ensuring the security of these systems is critical. Advanced encryption, real-time monitoring, and rapid response protocols are employed to detect and mitigate any suspicious activities.
By combining stringent data protection measures, public awareness campaigns, and fortified digital systems, the Paris 2024 Olympics aims to create a secure environment for all participants and attendees.
Incident Response and Future Outlook
Preparedness is key, with dedicated incident response teams ready to act swiftly in case of any cyber incidents. These teams are equipped with the latest tools and technologies to identify, analyse, and neutralise threats in real-time. Their swift action is crucial in minimising disruptions and ensuring the continuity of the games. Additionally, regular drills and simulations are conducted to keep the teams sharp and ready for any eventuality.
Coordination among thousands of vendors, service providers, and third parties involved in the Olympics is crucial for early detection and containment of cyberattacks. A centralised communication hub facilitates seamless information sharing and quick decision-making. This collaborative approach ensures that any signs of a cyber threat are promptly reported and addressed, preventing widespread damage. The integration of advanced threat intelligence platforms helps in predicting and mitigating risks before they escalate.
The success of the 2024 Paris Olympics will not only be measured by the athletic achievements but also by the effectiveness of its cybersecurity measures in safeguarding this global celebration.
Politically Motivated Cyberattacks
The 2024 Paris Olympics may also become a target for politically motivated cyberattacks, especially given France's vocal support for Ukraine following Russia's invasion. Such attacks may aim to disrupt critical infrastructure or Olympic systems, mirroring incidents like the "Olympic Destroyer" malware that affected the 2018 Winter Olympics' opening ceremony. These attacks serve to make a global statement and showcase the capabilities of the perpetrators.
In addition to nation-state actors, hacktivist groups might seize the opportunity to use the global platform of the Olympics to highlight various causes and grievances. Issues such as the ongoing conflict in Gaza could be brought to the forefront through cyber disruptions aimed at garnering international attention. The high visibility and media coverage of the Olympics provide an ideal stage for these groups to amplify their messages and influence public opinion.
Conclusion
As the Paris 2024 Olympics draw near, the spotlight on cybersecurity becomes increasingly critical. The lessons learned from past Olympics and the implementation of advanced security measures aim to create a safe environment for athletes, participants, and spectators. With dedicated incident response teams, public awareness campaigns, and fortified digital infrastructure, the Paris 2024 Organising Committee is prepared to tackle a multitude of cyber threats.
The games' success will be measured not only by the athletic feats but also by the robustness of its cybersecurity defences. Through international collaboration and cutting-edge technology, the aim is to ensure that the focus remains on the spirit of competition and global unity, undisturbed by cyber threats. The Paris 2024 Olympics will stand as a testament to the importance of cybersecurity in protecting the integrity and celebration of this global event.
References:SC Media: Guarding the Games: Cybersecurity Challenges Ahead of 2024 Paris Olympics
Security Magazine: Cybersecurity at the Paris Summer Olympics
GovTech: Guarding Gold: Cybersecurity Challenges Ahead of the Paris Olympics
World Economic Forum: Paris Olympics 2024: Cybersecurity Experts Sound the Alarm on Cyber ThreatsFor info on NSB Cyber’s Cyber Governance or Regulatory & Dispute Advisory capabilities, or to book a meeting with our team, click here.
What we read this week
Facebook Ads for Windows Desktop Themes Push Info-Stealing Malware - Cybercriminals are using Facebook ads to promote fake Windows themes that deliver the SYS01 info-stealing malware. These ads often link to malicious download sites masquerading as sources for free software, games, or themes. When users download these files, they receive a ZIP archive containing the malware, which steals browser cookies, saved credentials, browser history, and cryptocurrency wallets. The malware also exploits Facebook cookies to steal account information. Trustwave researchers highlight the significant reach and threat of these campaigns due to Facebook's large user base.
Two Australian Citizens Charged with Espionage Activities - Two Russian-born Australian citizens, Kira Korolev, an Australian Defence Force (ADF) Army Private, and her husband Igor Korolev, were arrested for conducting espionage-related activities on behalf of Russia. They allegedly accessed and transferred sensitive ADF information to Russian authorities while Kira was on long-term leave in Russia and Igor accessed her work account in Australia. This marks the first espionage charge under Australia’s new laws introduced in 2018.
PHP Vulnerability Exploited - The PHP vulnerability CVE-2024-4577, with a CVSS score of 9.8, is being actively exploited to spread malware and launch DDoS attacks. Threat actors have used this flaw to deliver remote access trojans, cryptocurrency miners, and DDoS botnets. The vulnerability allows attackers to execute malicious commands on systems with certain language locales. Users and organisations are urged to update their PHP installations to the latest version to mitigate these threats.
Australia Warns Hackers are Exploiting Routers - The Five Eyes alliance issued a joint alert about Chinese state-sponsored hacking group APT40 exploiting end-of-life home routers to launch cyberattacks. These devices, often used in small offices and homes, are being targeted due to their vulnerabilities and lack of updates. The alert highlights APT40's ability to rapidly exploit newly discovered vulnerabilities and emphasises the importance of maintaining up-to-date security measures. Authorities urge users to replace outdated hardware to mitigate these risks.
Hacktivists Claim to Leak Unfinished Disney Projects - Hacktivist group NullBulge claims to have stolen 1.1 terabytes of data from Disney's internal Slack channels, including unreleased projects, raw images, code, and internal links. They announced the breach on X (formerly Twitter), also threatening to leak personal information of a Disney staff member who assisted them. The group's stated goal is to protect artists from theft and promote a fair ecosystem for creators. The legitimacy of the leak is unverified, but it poses significant risks for Disney. Disney has not yet publicly acknowledged the incident.
References
https://www.bleepingcomputer.com/news/security/facebook-ads-for-windows-themes-push-sys01-info-stealing-malware/
https://thehackernews.com/2024/07/australian-defence-force-private-and.html
https://thehackernews.com/2024/07/php-vulnerability-exploited-to-spread.html
https://therecord.media/five-eyes-china-apt40-alert-end-of-life-routers
https://www.cyberdaily.au/security/10831-hacktivists-claim-to-leak-unfinished-disney-projects