Amid law enforcement agency warnings of massive cybersecurity threats to the Paris Olympic and Paralympic Games, event organizers are bracing with the support of the world’s major tech companies.
This summer over 15 million visitors are expected in the French capital, many attracted by the sporting extravaganza which is slated to sell more than 13 million tickets worth around €11 million. But it is that economic churn and huge influx of consumer data that give cyberattackers greater opportunities to target the international event.
Spoofs, fraud, DDos attacks, and malware
“Motivated by financial gain, cyber criminals are redoubling their efforts and will not hesitate to create websites that spoof everyday services such as web-based email, online shopping, banks and government agencies,” the Paris 2024 committee warns on its official website.
Fraudulent sites and communications attempting to persuade consumers to part with their cash are not the only threat however. Bad actors can also operate through malicious disruption of internet traffic via distributed denial-of-service (DDoS) attacks and malware. Estimates suggest there will be over eight times the 450 million cyberattacks that took place at the 2021 Tokyo event.
The response
“The Games are facing an unprecedented level of threat,” Vincent Strubel, France’s cybersecurity agency director, told Reuters. “But we’ve also done an unprecedented amount of preparation work so I think we’re a step ahead of the attackers.”
That work includes all Olympic stakeholders working on cybersecurity and implementing “a reinforced detection and incident response system.” This has involved national agencies as well as companies like Eviden and Cisco auditing vulnerabilities, developing technological solutions, and testing them with the help of so-called “ethical hackers”.
The size of the task is colossal, as over 500 websites plus event venues and local collectives have all needed to be checked and double checked. But it is the level of sophistication, not just the sheer number, of potential attacks that adds to the challenge. “Ultimately, it is a full-scale IT project,” said Eric Greffier, the technical director for Paris 2024 at Cisco France.
Artificial intelligence for good and bad
What’s more, it’s a cat and mouse chase, with criminal networks developing ways around defences almost as soon as they come online, helped by the advent of generative artificial intelligence (AI). But the good guys, holed up in a security centre at a secret location, are using AI too, for advanced cyberthreat detection and the importance of AI is made clear by Paris 2024’s managing director for IT, Franz Regul, who told reporters: “AI helps us make the difference between a nuisance and a catastrophe.”