Skip to content

Paris Olympics are on the radar of several threat actors: Research

  • by
  • 4 min read

The Summer Olympics, set to take place in Paris between July and August, can be targeted by state-sponsored threat actors, including those from Russia, China, North Korea, and Iran. The influx of high-profile attendees, including government officials and senior decision-makers, presents an attractive target for these groups for espionage, disruptive and destructive operations, information, and financially motivated operations.

The diverse threat landscapes include cyber espionage groups, disruptive and destructive operations, information campaigns, and financially motivated actors. Espionage groups, often state-sponsored, are likely to target high-profile attendees to gather sensitive information.

Cybersecurity experts opine that threat actors from Russia, China, and Iran can conduct sophisticated espionage activities due to the valuable targets present. They can also deploy disruptive and destructive operations that could manifest through website defacements, distributed denial-of-service (DDoS) attacks, wiper malware, and targeting of operational technology systems.

Such activities aim to cause widespread panic, undermine confidence in the event’s security, and tarnish the host nation’s reputation.

“Olympics-related cyber operations could impact a variety of entities. For some organizations involved in the Games such as sponsors, this could expose them to state-sponsored actors and destructive campaigns that are not typically active in their sectors. Other threats, such as cybercrime and extortion operations, will be more familiar, yet will likely become more prolific and persistent against entities involved in the Games,” said researchers from Mandiant.

Source: Mandiant

Information operations are another significant threat, with actors likely using the Olympics to spread disinformation and manipulate narratives. The event’s global popularity offers a fertile ground for threat actors to amplify their reach and impact.

These campaigns may synchronise with disruptive attacks to enhance their psychological effects. Financially motivated actors are also expected to exploit the heightened interest in the Olympics through social engineering schemes, ticket scams, and ransomware attacks targeting attendees and organisers.

Among state-sponsored threats, Russia poses the most significant risk to the Olympic events and its current strained relations with Europe, particularly due to France’s support for Ukraine; Russian threat actors like APT44 are anticipated to conduct impactful operations, including espionage and destructive attacks.

As per researchers, China’s threat is moderate, focusing primarily on intelligence gathering. Chinese groups, such as APT31 and APT15, are likely to target events for sensitive information, though they are less likely to engage in destructive activities.

Similarly, Iran and North Korea pose moderate to low threats, with Iranian actors potentially leveraging the Olympic Games for espionage and disinformation and North Korean actors exploiting the event for financial gain through phishing and social engineering.

Russian disinformation campaign targeting Paris Olympics. | Source: Mandiant

Actors like LOCKBIT and ALPHV frequently target French organisations. The demand for the Olympics presents an opportunity for cybercriminals to scam unsuspecting fans through fake websites and counterfeit tickets.

Additionally, threat actors are expected to use Olympics-related themes in phishing campaigns, exploiting public interest to distribute malware and steal credentials.

Furthermore, the high-profile event makes it a prime target for hacktivism and information operations. Pro-Russian campaigns are expected to use the event to disseminate disinformation, leveraging its visibility to spread anti-Western narratives and retaliate against France for its support of Ukraine.

Hacktivist groups, despite limited resources, could achieve a significant impact through well-timed disruptions. Notably, the pro-Russian information operation known as the Doppelganger campaign has already been noticed by cybersecurity experts targeting the upcoming Paris Olympics, promoting narratives that undermine confidence in the event’s security and preparedness.

Cybersecurity experts have urged organisations participating in the Olympics to adopt strategies such as updating threat profiles to bolster detection and response capabilities and fortifying defences against DDoS and destruction attacks through robust security measures and adherence to industry standards.

Researchers have urged travellers and Olympic participants to keep informed of the perils of public WiFi networks and the prevalence of scams targeting attendees.

In the News: FTC probes Microsoft’s Inflection AI deal over antitrust concerns

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>