Palo Alto Networks maps cyber threats to Paris Olympics
Palo Alto Networks maps cyber threats to Paris Olympics
As the best athletes in the world prepare for the 2024 Olympic Games in Paris, hackers and activists are gearing up to launch cyber attacks to disrupt the event. The research division of Palo Alto Networks has mapped out these threats, which range from financial scams to psychological operations.
This Friday at 20:30, the 2024 Olympic Games will commence in Paris. At the same time, cybercriminals worldwide will launch efforts to sabotage one of the most-watched events. The key threats identified include financial fraud, political driven sabotage, and espionage. The objectives are to disrupt the games for financial gain, increase geopolitical tensions, and monitor regime opponents and activists.
"Critical services such as transportation, hospitality, event management and telecommunications could be at risk. These cyberattacks could damage the event's reputation, disrupt attendee experiences and cause financial losses," said a report by Unit 42, the research division of Palo Alto Networks.
Financial threats
The report highlights that the most consistent threat to the games will come from cybercriminals seeking financial gain. Hackers operating under the auspices of Russia may also attempt to sabotage the Olympics in protest of Russia's boycott of the games following the invasion of Ukraine. These attacks could include disruptive and misleading operations, such as denial-of-service attacks.
One significant financial threat is "CEO fraud," where attackers impersonate executives to illegally withdraw money. The complexity of the Olympics' supply chain makes it a prime target for such scams. These attacks are highly profitable, with an average theft of $500,000. Additionally, online scams, such as fake ticket sales and fraudulent mobile apps, pose significant risks.
Ransomware and other cyber attacks
Although ransomware attacks have surged by 49% in 2023, they are unlikely to target the Olympics directly due to the expected swift response from law enforcement. However, ransomware attacks against third parties or local services, such as financial service providers or food vendors, are more probable.
Political and espionage threats
Politically motivated attacks could come from state-sponsored hackers, particularly from Russia, or independent activists. Potential threats include Distributed Denial of Service (DDoS) attacks and other disruptions to the games. Activists might also carry out denial-of-service attacks, deface websites, or steal and leak information, especially in the context of heightened activism since the Russian invasion of Ukraine and the polarization surrounding the war in Gaza.
Hackers serving Russia and Belarus, barred from participation, may attempt data deletion attacks to disrupt the games, a tactic previously used at the 2018 Winter Olympics in South Korea. Influence operations and disinformation campaigns are also expected.
In terms of espionage, there are concerns about surveillance operations targeting regime opponents. These covert operations, although unlikely to be publicly revealed, could lead to physical harm, such as kidnappings. There is also a risk of theft of sensitive information, including personal data and intellectual property.
Israeli context and threats
For Israel, the ongoing conflict with Hamas motivates pro-Palestinian activists to launch cyber attacks, including denial-of-service attacks, influence operations, data deletion, or website defacement. The main threat comes from the group Seething Phoenix, which serves Hamas' interests and could target Israeli athletes specifically. This group might disrupt broadcasts of the opening ceremony featuring the Israeli team or spread propaganda via social media.
The report concludes that while the motivations of pro-Palestinian activists are assessed as medium, their capabilities are rated from low to medium. Nonetheless, vigilance and preparedness are crucial to safeguarding the integrity of the Olympic Games.
"The Paris Olympics face a unique and unprecedented cyber threat landscape. The vast amount of data, significant reliance on technology, and global attention make the Games a prime target for various attackers, from state-backed actors to financially motivated groups. Although direct attacks on the Olympics are less likely, targeting critical third parties could significantly disrupt the Games or local services. Organizations providing essential services such as transportation, hospitality, telecommunications, and payment processing should be on high alert for disruptive attacks and have an actionable incident response plan to quickly recover operations," said Sharon Maydar, Vice President, Unit 42 Managed Services at Palo Alto Networks.