Cyber threats in the 2024 Olympics must put organizations on edge
While the summer of 2024 and the Paris Olympics still seem a long way off, not only the athletes are preparing and trying to reach the Olympic minimum. Cybercriminals too are sharpening their skills to get the most out of this massive sporting event. Anyone who is involved in cybersecurity in an organization should prepare for the worst and implement tactics to fend off these attacks.
Read on to learn:
- What are cyber threats?
- What are the likely cyber threats during the Paris Olympics?
- Why it is necessary to protect against cyber threats?
- How to prevent cyber threats
What are cyber threats?
Cyber threats are an umbrella term for malicious activities or actions that seek to exploit vulnerabilities in digital devices, computer systems or networks. They are aimed at stealing sensitive data, disrupting normal operations or just causing harm to an individual or a business. But most of the time, cyber criminals try to get financial gain from cyber threats.
Cyber threats can take different forms. Some of the most common cyber threats are:
- Phishing: an attempt to get sensitive information (login credentials, credit card numbers…) by posing as a trustworthy entity through social media, email or any other form of communication.
- Ransomware: encrypting documents and demanding payment in exchange for a key to decrypt these files.
- Social engineering: using deception and psychological manipulation to extract sensitive information or trick an individual into performing actions that compromise cybersecurity.
- Denial of Service (DOS) or Distributed Denial of Service (DDOS) attacks: overload a system with traffic or requests, trying to make it crash or become unresponsive.
Often, these cyber threats are combined, for instance by first using social engineering on an individual to install malware, as foreplay to a ransomware attack.
What are the likely cyber threats during the Paris Olympics in 2024?
Based on experience from previous big sporting events, we can expect all the cyber threats mentioned above, and exploitation of all potential vulnerabilities. Cybersecurity has been a growing concern since at least the 2004 Athens Olympic Games. Organizers, athlete delegations and visitors rely heavily on digital technology, making them vulnerable to cybercrime and malware. With delegations from more than 200 nations and worldwide media coverage, events such as the Olympics provide a prime target for anyone trying to enrich themselves through online extortion, intent on embarrassing the host country or causing politically motivated harm. The type of attacks and breach attempts we can expect at the Paris Olympics are targeted attacks for political (espionage) or financial gain, distributed denial-of-service (DDoS) attacks aimed at disrupting regular services during the games and ransomware attacks against devices or infrastructure of organizers, participants as well as the athletes. Perhaps misinformation and cyber propaganda are not really considered cyber threats yet, but we can also expect an unhealthy dose of fake news, used for political purposes. Especially so when specific nations are banned from the Games. We can also expect an increase in social engineering attempts to get hold of people’s credentials for logging into vulnerable applications.
Why is it necessary to protect against cyber threats?
The Paris Olympics should defend themselves and anyone participating against cyber threats for the very same reason that any organization should. If operations were disrupted due to a cyber-attack, this would cause severe reputational damage for France as a country and the Olympics organization in particular. The Olympics are a showcase for the skills and abilities of the organizing country and city and are meant to attract future visitors. Appearing weak in cybersecurity skills and suffering a disruption would not reflect well on Paris or France. The Tokyo Olympics carried a budget of over 15 billion dollars. This is not the kind of budget you want to further inflate by having to shell out ransomware because of a breach.
How to prevent cyber threats?
To prevent cyber threats, organizations would do well to get their information security house in order. That starts with proper cyber hygiene by ensuring that all software is updated to the latest versions, doing away with any vulnerability that can lead to phishing attacks or that would allow cybercriminals to steal data. Furthermore, raising awareness among users is key. Anyone using digital systems should know that sharing credentials is not allowed, as this might lead to unauthorized persons accessing sensitive information. However, human error can never be excluded, so it is a safer bet to tighten the reins on identity verification and identity management. Protect all sensitive applications by making it harder for cybercriminals to gain access to them. Two-factor authentication requires two authentication factors that are unique to the user and are harder to compromise. Multi-factor authentication raises the bar even higher, while adaptive authentication will ensure that security is guaranteed throughout the customer’s digital journey, asking for extra authentication when needed, for instance when financial transactions are being made or when sensitive information is accessed.
Cyber defense best practices for businesses
As everyone in the field knows, cybersecurity is a marathon, not a sprint. Yet it will do no harm to switch into a higher gear as the Paris Olympics draw near. At the Tokyo Olympics, an average of 815 security incidents took place every second. And that number is only for incidents at or around the Olympics, not attacks or phishing attempts under the guise of the Olympics. Some recommendations for businesses:
- Educate your users on the tactics cybercriminals use, such as social engineering.
- If this has not already been done, roll out an MFA solution for access to company resources
- Implement passwordless authentication for higher security, or even deviceless authentication. When users don’t need to enter credentials, it becomes impossible to steal them.
- Implement stringent identity verification for external users – connect your access management system to authoritative identity sources such as France Connect, itsme, eHerkenning, SwissID…
- Use your Identity and Access Management (IAM) solution to monitor user behavior and check if they are always choosing the safest options to connect to enterprise resources.
Need help? Reach out to TrustBuilder and learn how our comprehensive IAM solution and our MFA solution can enhance your security stance without compromising customer experience. As a European cybersecurity player, TrustBuilder connects to all European Identity Providers and offers adaptive authentication throughout the digital journey. TrustBuilder even specifically received a label from the French National Industry Council as a trusted security partner for large-scale events such as the Olympics and Paralympics in Paris.
Cyber threats is an umbrella term for malicious activities or actions that seek to exploit vulnerabilities in digital devices, computer systems or networks. They are aimed at stealing sensitive data, disrupting normal operations or just causing harm to an individual or a business. But most of the time, cyber criminals try to get financial gain from cyber threats. These threats can take different forms: Phishing, ransomware, social engineering, Denial of Services (DDOS).
As the Paris 2024 Olympic Games are a big sporting event, the risks are numerous for the organization and can take any form of cyber threat. Cybersecurity has been a growing concern since at least the 2004 Athens Olympic Games. The type of attacks and breach attempts we can expect at the Paris Olympics are targeted attacks for political (espionage) or financial gain, distributed denial-of-service (DDoS) attacks aimed at disrupting regular services during the games and ransomware attacks against devices or infrastructure of organizers, participants as well as the athletes. We can also expect an increase in social engineering attempts to get hold of people’s credentials for logging into vulnerable applications.
To prevent cyber threats, organizations would do well to get their information security house in order. That starts with proper cyber hygiene by ensuring that all software is updated to the latest versions, doing away with any vulnerability that can lead to phishing attacks or that would allow cybercriminals to steal data. Furthermore, raising awareness among users is key. Anyone using digital systems should know that sharing credentials is not allowed, as this might lead to unauthorized persons accessing sensitive information.
