As athletes from around the world vie for gold at the 2024 Olympics and Paralympics in Paris, cybercriminals are fine-tuning their own game plans to hack, attack, and exploit the largest event on the planet, making the 30th Olympiad potentially the greatest cybersecurity risk in history.
“Cybercrime and cyberthreats have gone through the roof in recent years. And this is the biggest show on Earth, not just in sport but probably the biggest event on Earth. So you know it’s going to be the target for disruption by people for a variety of reasons,” says Richard Thurston, research manager of European security services at IDC.
There were 450 million cyberattacks against the COVID-delayed Tokyo summer games in 2021, according to Cisco, the network infrastructure provider for the Paris games. Cisco expects eight times more attacks to target the Paris Olympics (running July 26 to August 11) and Paralympics (happening August 28 to September 8).
An IDC research report released ahead of the games suggests “Paris 2024 will see the highest potential for cyber disruption in history.” IDC goes on to call these “the most connected Olympic games ever” with “the most complex threat landscape” and “the highest degree of ease for threat actors to execute attacks.”
Much of that ease is courtesy of artificial intelligence, since Paris is hosting the first Olympics of the generative AI era.
AI threats and tools
GenAI has already been used in a sophisticated online smear campaign against the games. In 2023, Russian disinformation collective Storm-1679 created an AI-generated video starring a deepfake of Hollywood star Tom Cruise. The video, “Olympics Has Fallen” (a churlish nod to the 2013 action thriller “Olympus Has Fallen”), used a deepfake of Cruise’s image and voice to disparage the International Olympic Committee (IOC) in the run up the Paris games.
Cybercriminals are also weaponizing AI for malvertising and SEO poisoning before and during the Olympics, warns Ashley Jess, senior intelligence analyst at Intel 471.
“I just saw last week that someone was sharing how to use ChatGPT to build websites that optimize a search engine with your malicious website at the top [of search results]. It was leveraging hundreds of websites at the same time to do it,” says Jess.
This AI-based tactic could also be used to build fake Olympics ticketing websites and send those sites to the top of online searches for Paris games tickets, she adds. To hamper ticket fraud, Paris organizers have designated only one website for legitimate ticket sales, tickets.paris2024.org. As of June, however, French authorities had already identified 338 fraudulent Olympics ticket sites on the web.
Hacktivism and cyber espionage
Cybercriminals motivated by greed will use Olympic-themed emails and websites as clickbait to launch money-making exploits such as phishing and ransomware attacks. Hacktivists, on the other hand, may target the Paris games motivated by political and social causes. Current geopolitical conflicts in Ukraine and Gaza could make the 2024 summer Olympics particularly ripe for hacktivist attacks.
“A hacktivist will most likely do website defacement or denial of service attacks against the infrastructure that supports the event, mostly to embarrass the host country or the organization,” says Sami Khoury, head of the Canadian Centre for Cyber Security (CCCS), the Canadian equivalent of ANSSI. “They’ll take advantage of the opportunity because there will be billions of people watching the Olympics.”
“Hacktivism is not just going to be against the Olympic infrastructure,” Khoury continues. “In the context of the Paris Olympics, it could be against France, but it could also be against other countries and governments who support Ukraine.”
During the 2016 summer Olympics in Rio de Janeiro, DDoS attacks by the hacktivist collective Anonymous struck down various Brazilian government websites, a digital protest against police and military raids in Rio’s impoverished favelas.
This summer’s Paris games are also a prime target for state-sponsored cyber espionage. Like hacktivism, it has a political motive; unlike hacktivism, it’s always coordinated, funded, or sanctioned by a particular government. The CCCS issued a bulletin in May warning about the risk of cyber espionage at large global sporting events. It noted that Russia’s ban from several international sports organizations — including the IOC and the Fédération Internationale de Football Association (FIFA) — following the invasion of Ukraine could prompt the Kremlin to back retaliatory cyber espionage.
A cyber espionage operation at the Rio Olympics unfolded like something out of a James Bond movie. When an official from the World Anti-Doping Agency (WADA) logged into WADA’s database using the Wi-Fi at his Rio hotel, hackers stole his login credentials. Weeks later, the Russian cyber espionage group Fancy Bear publicly posted the confidential WADA medical records of more than 125 athletes who had competed in Rio, including American gymnast Simone Biles and tennis stars Venus and Serena Williams.
Protecting the games
Third-party cyber risk
What SOC teams can do
- Monitor geopolitical events and be aware of how they might make your organization (or your partners and suppliers) the target of an Olympic-related hacktivist cyberattack that could have a ripple effect on your IT systems, says Intel 471’sJess.
- Be extra vigilant of cyberthreats if your business or organization has any relationship with companies playing key roles in the Olympics supply chain, IDC’s Thurston says.
- Perform tabletop exercises or other tests of your backup plans, fallback services, fallback servers, and hot spares to make sure they work as intended, Purdue’s Spafford notes.
- Raise awareness across your organization of Olympic related phishing, clickbait, scams, and fraud campaigns and how they work, Spaffordadds.
- Ensure your Internet-facing infrastructure and operating systems are up to date and patched, and all staff are using strong passwords with MFA, advises CCCS’ Khoury.
- If your company is directly tied to the games as a supplier or partner, don’t let your guard down at night or on weekends during the games; cyber incidents are more likely to happen during the 9 to 5 time zone of the Paris games rather than your own time zone, Khouryadds.
Comments
Post a Comment