How Paris Olympic Authorities Combated Cyberattacks and Won Gold

The Paris 2024 Olympic Games were by most accounts a very successful Olympic Games. Some 10,000 athletes from 204 countries competed in 329 events over 16 days. But before and during the event, authorities had to deal with cybersecurity threats of Olympic proportions coming from multiple sources.

In preparation for the expected attacks, authorities took several proactive measures to ensure the security of the event.

Cyber ​​Vigilance Program

The Paris 2024 Olympic Games implemented advanced threat intelligence, real-time threat monitoring and incident response expertise. This program was designed to prepare organizations involved in the Olympic Games for emerging cyber threats by providing a blueprint for cybersecurity strategies.

High alertness and incident monitoring

The French Cybersecurity Agency (ANSSI) was on heightened alert during the Olympic Games, monitoring for attacks that could disrupt critical activities such as organizing committees, ticket sales, venues and transportation.

Extensive use of AI

The Paris Olympics used AI to secure critical information systems, protect sensitive data, and raise awareness within the Games ecosystem. Additionally, a pilot program under French Olympic and Paralympic Law allowed for the use of “algorithmic video surveillance.” Due to strict European privacy laws, the surveillance did not allow for the use of biometric identification or automated data matching. Instead, AI scanned videos for scenarios such as abandoned bags, the presence of weapons, unusual crowd movements, and fires.

Collaboration and training

French authorities collaborated with international organizations and provided extensive training for cybersecurity teams. They focused on understanding threat actor tactics and used frameworks such as MITRE ATT&CK to anticipate and mitigate potential attacks.

Despite precautions, the Grand Palais, a venue for Olympic events, was hit by a ransomware attack. French authorities responded quickly with containment measures, showing that they are prepared to deal with such incidents.

How did the cybersecurity measures for the Olympic Games perform?

As we study the available facts after the events, the reality of the threats becomes increasingly clear.

French authorities have announced that more than 140 cyberattacks have taken place on the Games, but that they have not disrupted the events. ANSSI has detected 119 “low impact” “security events” and 22 incidents in which malicious actors successfully gained access to information systems between July 26 and August 11, 2024. Many of these incidents caused system outages, often via denial-of-service (DoS) attacks.

Other attempted cyberattacks have targeted Paris, but not the Olympic venue’s infrastructure directly. For example, the Grand Palais and some 40 other museums in France were targeted in early August by a ransomware attack that was thwarted thanks to a rapid response.

Thwarting a wide range of potential threats

Authorities had to combat not only attacks via the global Internet, but also local threats. The Olympics are unique in that they attract government officials from France and around the world, and then place them near large numbers of uncontrolled international visitors. Spies and data thieves undoubtedly saw this as a rare opportunity to steal confidential data of high monetary and geopolitical value. A variety of techniques make this type of data theft possible, including man-in-the-middle attacks on Wi-Fi hotspots and theft of physical devices.

Long before the Games, Olympic organizers were already struggling with ticket fraud. Researchers from threat intelligence provider QuoIntelligence discovered that fraudulent websites were selling fake Olympic tickets, primarily to Russians who were unable to purchase real tickets due to EU sanctions imposed over Russia’s invasion of Ukraine. Organizers identified 77 sites reselling fake tickets.

One of the most prominent threats was the spread of disinformation. Russian groups such as Storm-1679, widely believed to be a spin-off of Russia’s Internet Research Agency “troll farm,” used AI-generated content to create fake news and images aimed at discrediting the International Olympic Committee and spreading fear among potential participants. These campaigns often involved fabricated stories about terrorism and other threats, using AI to increase their credibility and reach.

Ultimately, despite the enormous efforts of malicious actors, state-sponsored attackers and others, the Games were successful without major disruptions, violence or data theft.

Read more