As the world gets closer to the Paris 2024 Olympic Games, the City of Light is preparing to welcome thousands of athletes, spectators and professionals from various fields. But in addition to the sporting and cultural atmosphere, this major international event also brings with it a significant challenge: cyber security.
Events of this magnitude are an attractive target for hacker groups, who can seek visibility into their causes, expose vulnerabilities, steal confidential information, or even cause disruptions to the event's critical systems.
The level of cyber threat facing the Paris 2024 Olympics will be "unprecedented"
Hacker groups, activists and states will be the main threats during the Olympics, from July 26 to August 11, and the Paralympics, from August 28 to September 8. The increasing dependence on technology for the organization and operation of the Games, combined with the growing sophistication of cyber attacks, makes digital security one of the main focuses for the organizers.
The digital infrastructure of this type of event includes systems for ticket sales, access control, communication, live broadcasts, results management and much more, all of which need to be protected. Organizers are aware of these risks and are working closely with cybersecurity experts to develop robust defense strategies. This includes implementing preventative measures such as data encryption, multi-factor authentication, real-time network monitoring and attack simulations to test the resilience of systems.
Threats can come from all sides, from novice hackers and ransomware gangs to military hackers with a history of cyber attacks that threaten to paralyze computer systems vital to the sporting event. The organizers of Paris 2024 are collaborating with cybersecurity experts to mitigate the risks of digital attacks. This includes recruiting "ethical hackers" to carry out penetration tests on their systems and using artificial intelligence to help identify and assess potential threats.
Despite preventative measures, the constant evolution of cyber threats makes it impossible to guarantee that all attacks will be anticipated or prevented. Preparing incident response plans is therefore crucial, as they define the procedures needed to contain damage and restore affected services quickly in the event of a cyber attack.
The Paris 2024 Olympics will be held in the midst of a complex global scenario
Continuous vigilance and preparation are essential to ensure that the Games are successful, not only in the sporting sphere, but also in the digital sphere. In addition, international cooperation is key to tackling cyber threats, with countries and organizations sharing information on vulnerabilities, effective security practices and collaborating on investigations and incident responses.
The current context is complex, with the Games taking place alongside the conflict between Russia and Ukraine and tensions between Israel and Hamas. This scenario has resulted in the organizers deciding to ban Russian athletes from taking part in the Games (except for those who agree to compete as neutral athletes, without representing their country's colors).
Emmanuel Macron himself, the president of France, has stated a few times that he has no doubt that Russia will try to maliciously attack the Paris Olympics.
Cyber attacks are nothing new at the Olympic Games
According to TrendMicro, in 2021 the Olympic Games held in Tokyo, Japan, suffered 450 million attempted attacks, 250% more than the 2012 London Olympics.
Hacktivism and opportunistic attacks increase during global events. In 2016, the Anonymous group attacked Petrobras during the Olympics in Brazil, exposing confidential employee data. For this reason, education and awareness also play an important role. In 2018, the "Olympic Destroyer" virus hit the opening ceremony of the Pyeongchang Winter Games, with Russian hackers indicted by the US in 2020 for cyber attacks.
Service interruption is the goal at events of global relevance
Major events, such as the Olympics, attract the attention of a wide and diverse audience. Any action that has an impact on the ceremonies is promptly noticed by both the public and stakeholders. It is therefore common for these events to be the target of cyber attacks, which seek to make critical resources unavailable and compromise the success of the event. The greatest risks for the 2024 sporting event are related to some types of attack already known to the cybersecurity community:
- DDoS (Distributed Denial of Service): Attacks that overload servers with an excessive flow of traffic, making services and systems inaccessible to legitimate users.
- Network Attacks: Attempts to compromise the integrity, confidentiality or availability of communication networks by exploiting vulnerabilities or intercepting data.
- Malware: Malicious software designed to infiltrate, damage or disable computer systems. Olympic Destroyer, mentioned above, is an example of this type of threat.
- Ransomware: Type of malware that encrypts data or blocks access to systems, demanding a ransom for release. This type of attack can compromise critical infrastructures, such as transport systems or essential services, directly impacting the event's organization and public.
How can Asper protect companies from attacks during major events?
Asper offers robust protection against attacks during major events, through a combination of advanced technologies and specialized services. To mitigate risks, we use the best solutions on the market, which include the implementation of advanced firewall systems to protect networks from unauthorized access, monitoring and incident response (MDR) services to detect and neutralize threats in real time, and DDoS protection to ensure the availability of critical services.
In addition, Asper offers intrusion prevention tools (IPS), which help identify and block malicious infiltration attempts, as well as encryption, secure backup and identity management solutions to protect sensitive data and accounts from ransomware attacks and abuse of privilege. We also have preventive security services, CTI (Cyber-threat Intelligence) teams constantly monitoring the web for attack campaigns and exploitation techniques, with the aim of keeping companies one step ahead of attackers. Real-time vulnerability monitoring and intrusion simulation services are also specialties, reinforcing defenses even before a crisis scenario arises.
