The 2024 Olympic Games, set to be held in Paris between July and August, are not only a stage for athletic excellence but also a prime target for cyberattacks. With the growing intersection of technology and international events, the threat landscape has expanded, bringing increased attention to cybersecurity around the world’s largest sporting event. Both nation-state actors and cybercriminals are sure to be gearing up to exploit the event and will likely target the Olympics themselves. There has already been an increase in influence campaigns ahead of the games—primarily conducted by Russia—but we expect to see other activity, including espionage, ransomware, and, with less likelihood, disruptive operations. Olympics-related cyber threats could impact various targets including event organizers and sponsors, ticketing systems, Paris infrastructure, and athletes/spectators traveling to the event. These attempts will likely intensify as the Opening Ceremony approaches.
In our increasingly interconnected cyber world, it is important to think how you are connected to the broader ecosystems that are under threat during this timeframe and make sure you are comfortable with your current security posture. Confirm your attack surface is as secure as possible, even if you aren't typically facing nation-state threats on a regular basis.
Nation-States Are Out for Themselves and Revenge
The Olympic Games are a time of competitive rivalries between countries. It is therefore fitting that it is also an opportune backdrop to conduct geopolitically motivated maneuvers in the context of this global event. We’ve seen this play out before. Russian hackers targeted the 2018 Winter Olympics in Pyeongchang with destructive Olympic Destroyer malware during the opening ceremony and managed to take some of the Games’ internal servers offline. They sought to disrupt the event and retaliate against the International Olympic Committee (IOC) for banning Russian athletes over its doping scandals.
The Olympics present an attractive target for nation-state actors due to several reasons—primarily political influence and espionage. Countries may attempt to use cyberattacks to promote their political agendas, discredit adversaries, or create propaganda opportunities. By disrupting the Olympics or leaking sensitive information, they can cause embarrassment to host nations or competitors. For instance, Russian hackers penetrated the World Anti-Doping Agency in 2016 and leaked private medical information about American athletes Serena Williams, Venus Williams, and Simone Biles. Given the number of government officials and key decision makers attending, cyber espionage groups could likely target the 2024 Olympics for information gathering purposes to support their respective national interests.
Google’s Mandiant recently concluded that Russia poses the greatest threat to this year’s Olympic Games. Russia has a longstanding history of targeting the Olympics. If they cannot compete or win in the Olympics, they have previously sought to undermine the competition. After Moscow invaded Ukraine, the IOC decided Russia and Belarusian athletes could not represent their respective countries in the Paris Games. In retaliation, Russia already started conducting influence operations to tarnish the reputation of France, this year’s host country, and the Olympics themselves. Last month, Microsoft reported a Russian-backed disinformation campaign has ramped up its activities since March with social media posts stoking fears about safety during the games, sometimes impersonating French and American intelligence agencies to issue fake warnings.
Chinese, Iranian, and North Korean state sponsored actors also pose a risk. China and Iran have not previously been connected with major hacks against the Olympics or other sporting events. However, their state hackers could engage in some level of opportunistic cyber espionage operations against select attendees or Olympics-affiliated organizations, researchers say. North Korea has fewer stakes this year and could likely conduct opportunistic financially motivated operations or leverage the event in social engineering campaigns.
Cybercriminals Are After the Money
While nation-state actors pursue strategic goals, cybercriminals are primarily motivated by financial gain. The Olympics provide numerous opportunities for these actors to exploit through ransomware, phishing, social engineering, and supply chain attacks. For example, entities associated with the 2020 Olympic Games in Tokyo witnessed a surge in cyber threats, mostly designed to steal financial information from victims. One instance of this was the ransomware attack on one of Japan’s largest corporations, Honda, just before the Tokyo Olympics. While not directly tied to the event, it highlighted the potential risk of disruption for entities based in or connected with the host country and/or Olympics. According to reporting earlier this month, a large-scale fraud campaign dubbed Ticket Heist with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris. The operation offers fake tickets to the Olympic Games and appears to take advantage of other major sports and music events.
Some other potential opportunities that threat actors may take advantage of during and around the Olympics are:
- Cybercriminals can deploy ransomware to encrypt critical systems, demanding hefty ransoms for their release. The urgency and high stakes of the Olympics make organizations more likely to pay to avoid disruptions.
- With millions of viewers, bad actors can use phishing emails and social engineering tactics to steal personal information, credentials, and payment details. Fake ticket sales and fraudulent streaming services are common scams.
- Companies associated with the Olympics, such as sponsors, broadcasters, and service providers, are also prime targets. Cybercriminals may target these companies to access sensitive information or use them as vectors to attack the main Olympic Games infrastructure. Threat actors are betting on the fact that sometimes third-party companies’ security measures are not as robust as their ultimate target and can be an easier way to infiltrate them.
The Olympic Games are more than a sporting event; they are a symbol of global unity and excellence. However, they also present a significant target for cyberattacks from both nation-states and cybercriminals. As we approach the Olympics, it is crucial for all stakeholders to remain vigilant with their cybersecurity efforts. By doing so, we can help ensure the spirit of the Olympics is preserved and the event can proceed without digital disruption while also helping your company stay secure and minimize adverse effects by any potential cyberattacks.
