Four Largest Cyber Threats to the 2024 Paris Olympics
The Olympic Games are an exciting time for the world to come together; something that is much anticipated this year. But as with previous Olympics, behind the spectators’ excitement, impressive feats of athleticism, and sense of community, looms the increased potential for cyber threats to the 2024 Paris Olympics.
With all eyes on Paris 2024, the ZeroFox intelligence team has outlined both the physical and cyber threats that organizations, spectators, and athletes could face surrounding the Games. Here, you’ll find a summary of the potential cyber threats, or you can read the full report with more detailed information on the team’s findings.
What Cyber Threats Could We Face During the Paris Olympics?
1. Russian Nation-State-Level Actors
Two political issues involving Russia have the potential to disrupt the Games. The Russian Federation has held a grudge against the institutions of the Olympics since Russian athletes were banned in 2019 from international competition due to allegations of a state-sponsored doping program.
Subsequently, Russia’s invasion of Ukraine caused the International Olympic Committee (IOC) to ban Russian athletes from competing under the name and flag of Russia. Russia has perceived both of these decisions as major slights.
Cyber Threat Predictions:
- Russian cyber threat actors are likely to react to the strong showing of support for Ukraine, as well as previous bans of Russian athletes, by targeting the IOC in the form of DDoS attacks, data compromises, and cyber scams.
- The decision that Russian athletes can participate at all has been strongly criticized by both the Ukrainian government and social media activist group “#BloodyOlympics”. This could lead to protests or boycott campaigns against corporate sponsors.
2. Pro-Palestinian Disruptions
The Israel-Hamas conflict has the potential to inspire protests and disruptions by nation-state-level actors and citizen activists.
In July, a pro-Palestinian actor posted on their Telegram channel indicating that they would begin targeting the digital infrastructure of France. The group has claimed several attacks targeting Israeli institutions and supporting organizations with the stated intent of impacting entities associated with the ongoing Israel-Hamas war. However, ZeroFox has not observed evidence that the claims made by the group are legitimate.
Also in July, a broad grouping of pro-Palestinian protestors orchestrated a mass-call in targeting the Paris Organizing Committee (COPJOP), pressuring them on Israel’s participation at the Games.
Cyber Threat Predictions:
- We're likely to see similar small-scale shows of support or opposition, such as the mass-call in, during the event.
- Pro-Palestinian cyber threat actors pose a threat during the Games, though mainly to the Olympics cyber infrastructure.
3. Exploited Mobile Apps
Mobile applications can often present security risks. And cyber threat actors could attempt to exploit enthusiasm for the Games to carry out scams utilizing mobile apps. Threat actors can use mobile app credentials to gain access to user accounts, reselling tickets and manipulating personal information associated with paris2024.org and olympics.com users.
ZeroFox observed and exported thousands of sets of compromised credentials related to paris2024.org and olympics.com from the private Telegram channel @GoldPack Private.
Cyber Threat Predictions:
- The purchase and sale of compromised credentials could lead to ticket fraud, operational disruptions, and reputational damage.
4. Exposed Olympic-Related Assets
In July, an untested threat actor posted a thread titled “Buying all things olympics 2024 related” on a predominantly Russian-language deep and dark web (DDW) forum. They expressed intent to purchase unauthorized access and tools specifically targeting the Olympic Games Paris 2024.
Additionally, ZeroFox identified 21 exposed records containing compromised credentials associated with the @olympics.com email domain. Plus, four unique records tied to the @paris2024.org email domain. These records include limited personally identifiable information (PII), such as full names, usernames, passwords, and phone numbers.
On a Reddit forum, a user posted a query titled “Scam or real?” three months ago. In the post, the user expressed concerns about an email they received from [email protected].. The user, who was registered in the volunteering program for Paris 2024, noted that the email differed in design and structure from previous official communications. The email invited the recipient to accept a mission via a link to a Volunteer Portal. But the unusual wording and appearance raised suspicions about its authenticity.
For more detailed reporting on these potential cyber threats, including additional screenshots, read the full report.
Cyber Threat Predictions:
- Plans could be in place for sophisticated attacks that include credential theft, unauthorized access, and broader disruptions to Olympics-related systems.
- Data from past breaches could be exploited to gain unauthorized access to Olympic Games systems. This is possible if personnel reused passwords or if the compromised information provides insights for social engineering attacks.
- Phishing attempts could target the volunteering program, designed to deceive volunteers into providing personal information or login credentials.
ZeroFox Intelligence Recommendations: Stay Cyber Safe During the 2024 Olympic Games
So, what can you do to stay cyber safe during the 2024 Paris Olympics? Whether you’re visiting the games in-person, subscribing to streaming services, or your organization is involved with the Games, the cybersecurity experts at ZeroFox recommend the following:
- Olympic visitors should be vigilant for potential scams, including cyber scams involving fake mobile, accommodation, and Olympic apps.
- Ensure you make accommodation and travel bookings on legitimate apps or websites and not through third parties.
- For those with event tickets or those traveling to fan zones, download the official Olympic Games Paris 2024 mobile applications.
- Have event tickets, any transportation passes, and the Pass Jeux stored in the official apps well in advance.
- Understand the different security requirements when traveling through the four different security zones in downtown Paris.
- Organizations should actively monitor for compromised accounts being brokered in DDW forums.
Tags: Cybersecurity, Dark Ops, Threat Intelligence