- The Paris 2024 Olympic Games will be a massive target for cybercriminals.
- Not only will the games themselves attract threat actors, French businesses and infrastructure are likely to be caught in the cross fire.
- The IDC warns of “an unprecedented level of threats” being launched during the games.
Later this month the 2024 Summer Olympics will take place in Paris. The multi-sport event attracts athletes from around the world, but this year, the IDC warns that digital miscreants have their eye on the games as well.
The research and data analytics firm says that the Paris 2024 games will see the largest number of threats, the most complex threat landscape, the largest ecosystem of threat actors and the easiest way to execute attacks at an Olympic event, ever.
Despite this threat, spending on cybersecurity services will only go up by two percentage points or $94 million.
“Cybercriminals are leveraging global sporting events like the Olympic Games to craft new targeted threats to businesses and citizens, knowing that their target is often distracted and more prone to social engineering,” explains research manager at IDC European Security Services, Richard Thurston. “We can expect to see an unprecedented level of threats launched during the Paris Olympic Games supporting a variety of financial and political motives targeting not only the Olympic Games but also unrelated organizations”
The IDC notes that it’s not only the games that will be in the crosshairs of cybercriminals, the threat permeates to other areas as well. This includes French businesses and even national infrastructure. On that note, the IDC highlights the ANSSI, a national service that will collaborate with multiple entities to secure the game.
The goals of ANSSI are:
- increase knowledge of the cyberthreats to the Games;
- secure critical information systems;
- protect sensitive data;
- raise awareness in the Games ecosystem;
- and prepare to respond to cyberattacks affecting the Games.
“The threat extends to a wide range of potential targets beyond the Olympic infrastructure itself, including things like fixed and mobile networks in Paris, transportation infrastructure and companies, hotels and the leisure industry, and financial networks. Organizations can expect threat actors to deploy a full array of tactics, techniques and procedures, such as ransomware and data exfiltration, exploiting application vulnerabilities, social engineering, tailored phishing attacks, and denial-of-service attempts aimed at taking down online services,” says Thurston.
There is also a risk of those looking to attend the games being duped by cybercriminals. As Statista highlighted earlier this month, there is quite the gulf between ticket prices and folks will likely go in search of cheaper entry for events such as Swimming or Athletics.
There are also likely to be criminals looking to take advantage of those looking to stream the games. On that note, it’s worth remembering how litigious organisers of the Olympics are, so approach unofficial broadcasts of the games with immense caution.
“In the private sector, organizations in France are moderately well-prepared for the additional threats that will accompany the Olympics. Incident management and response is already a main cybersecurity priority for 61% of large enterprises in France, and nearly half believe they currently have sufficient threat hunting or threat intelligence skills. However, less than 20% of French businesses believe their cybersecurity posture is mature or better, and smaller organizations are likely to have lower levels of skills and preparedness,” the IDC concludes.
