The cyberthreat landscape of the 2024 Olympics

History confirms that global events like the Olympic Games are not just a showcase of unity and competition, but also a prime target for cybercriminals. 

From the medical data leak of athletes in the 2016 Rio Olympics, to the disruption of internet and TV operations with “Olympic Destroyer” in the 2018 Pyeongchang Olympics, to the 450 million attempted cyberattacks at the 2020 Tokyo Olympics, each Games has faced its unique set of cyber challenges. 

What can we expect this year? From phishing scams to sophisticated state-sponsored attacks, the potential range of threats is as diverse as the athletes. 

Supply chain attacks: The insecure relay

Supply chain attacks have emerged as a sophisticated threat, targeting the interconnected systems of the Olympic Games. These attacks exploit vulnerabilities within the network of suppliers and partners, usually aiming to disrupt operations or steal sensitive data.

The Paris Olympics should be on high alert for such threats, ensuring that all vendors and third-party providers adhere to stringent security protocols. By scrutinizing every link in the supply chain, the goal will be to maintain the integrity of the Games with every handoff. 

Abuse of legitimate software tools: Fair play 

Living off the land (LOTL) attacks use legitimate software tools to infiltrate networks, posing a unique cybersecurity challenge. These tools, essential for the Games’ operation, can be exploited by attackers for unauthorized access or malicious activities. While the concept of using legitimate tools for malicious purposes isn’t new, the sophistication and frequency of LOTL attacks have increased due to the growing reliance on these tools in modern IT environments.

To defend against such attacks, the Paris Olympics’ cybersecurity strategy should include rigorous vetting of software tools, continuous monitoring for anomalies, and swift incident response plans. This ensures that tools meant to facilitate the event do not become gateways for cyberthreats.

Disinformation campaigns with enhanced performance from AI   

Due to the current global tensions, nation-state cyber actors may leverage artificial intelligence (AI) to run sophisticated disinformation campaigns for their own political gain. These campaigns could involve the use of AI-generated deepfakes to create realistic but fake videos and audio clips that falsely claim security threats, corruption, or discrimination, aiming to create fear and distrust among the public about the Games. For example, a deepfake Tom Cruise documentary, attributed to Russia, centered on criticizing the organization behind the Games. AI-driven bots can amplify these disinformation campaigns by engaging with real users, spreading the fake content more widely and rapidly.

These tactics could undermine the credibility of the Games, disrupt the event, and cause significant reputational damage to the organizers and host country. Implementing real-time verification capabilities, passive detection techniques, and protection of high-priority officials and their communications may help prevent this type of attack.  

All the usual players  

Enduring and familiar for a reason, other more common threats should not be forgotten as we approach the opening ceremony. 

• Phishing remains one of the most common cyberthreats, and as the Games approach, we can probably expect a surge in emails and messages masquerading as official Olympic communications. Cybercriminals will likely use the excitement surrounding the Olympics to bait unsuspecting individuals with fake merchandise, tickets, or exclusive event access. Vigilance and awareness are crucial in avoiding these traps to hand over sensitive information.
• Malware, in its many forms, is a multi-faceted threat that can be used to disrupt ticketing operations, steal the sensitive information of athletes and spectators, steal data, spy on communications, or even sabotage systems. The Games can employ advanced detection tools and response plans to counteract any malware threats.
• Ransomware attacks can lock down scoreboards, athlete data, or even security systems. Ransomware attacks, which lock down systems and demand payment for their release, could have severe implications for the Olympics. Preparing for these high-stakes situations requires not only robust security measures but also comprehensive incident response plans.
• Distributed denial of service (DDoS) attacks can overwhelm the online services of the Games, causing outages and disruptions, frustrating millions of viewers and participants if live-streaming services crash or ticketing platforms become unresponsive. Careful traffic monitoring and strong network and application protection will be essential to maintain the continuity of the Games.

Crossing the finish line: A collaborative effort

The Paris Olympics presents an opportunity to demonstrate how far we’ve come in cybersecurity resilience. Building on the lessons from past Games, it is imperative for this year’s event to have a multi-layered defense strategy that includes enhanced network security, robust access controls, comprehensive employee training, and international collaboration.