Cybersecurity is one of the major strategic issues relating to the organization and staging of the 2024 Olympic Games. Organizing an event of this scale involves a large number of players (with heterogeneous levels of cyber maturity), as well as a large number of different and potentially interconnected information systems.
Due to their scale and international media reach, the 2024 Olympics are concentrating various cyber threats. Malicious actors are motivated by a variety of reasons, from generating financial gain to disrupting the running of competitions and tarnishing the image of the host country.
Let's take a look at the major cyber threats around the 2024 Olympics and the IT security strategies in place to anticipate and counter these threats.
Cyberattacks at the Olympic Games: the legacy of previous editions
Highlighting cybersecurity concerns at the Olympic Games is nothing new. At the London Games in 2012, reconnaissance was detected on the Olympic stadium and its power supply. In 2018, the opening ceremony of the Winter Olympics in South Korea was disrupted by the deployment of malware. 450 million attempted cyberattacks were recorded during the Tokyo Olympics in 2021. These are just a few examples.
For his part, the CISO of Paris Olympics 2024, Franz Regul, estimates that the number of attacks during this event should approach 3 billion attempts.
What are the cyber threats around the 2024 Olympics?
A broad spectrum of threats
The various cyber threats are amplified by the increased digitalization of this kind of event, in all its aspects (logistics, running of events, management of access to infrastructures, rebroadcasting of the event, etc.). The organization of the 2024 Olympic Games will involve a large number of companies, suppliers and subcontractors, increasing the scope of potential targets and complicating the issue of IT security. Any player closely or remotely involved in the organization or participation in these Games can be targeted, and any security flaw can potentially be exploited.
Distributed denial of service (DDoS) attacks, ransomware, phishing and website defacement are all well-known forms of attack that the players involved in the organization of the 2024 Olympic Games will have to contend with. While some attacks are opportunistic and motivated by greed, others take place in a tense geopolitical context and are ideologically motivated.
Threats to personal safety
One of these threats concerns personal security. This can be compromised in the event of an attack on access controls and systems for protecting athletes, officials and spectators.
Disruption of operations
Sabotage of operations is another major type of threat. Attacks on the technologies and services used to organize the Games can disrupt the running of competitions and/or their broadcasting: logistical supply problems, blocking of event broadcasts, etc.
Damage to the image of the host country and the revenue generated by the Games
Computer attacks during the 2024 Olympics could affect France's image and have financial consequences for organizers, sponsors and spectators (in the case of data theft, for example).
Olympic Games 2024: the need for cyber vigilance on all fronts
IT security recommendations
Securing the 2024 Olympic Games from an IT point of view requires the implementation of a number of basic measures, including:
- Securing workstations and mobile terminals
- Information system protection (IS mapping, segmentation and filtering, backup policy, etc.).
- IS administration
- Logging and detection
- Intrusive audits
- 24/7 supervision of networks and IT systems
Advanced encryption solutions help protect sensitive communications. Finally, the use of AI and machine learning can improve threat detection.
Cyber security awareness
ANSSI has implemented an awareness-raising plan aimed at several hundred players involved in the 2024 Olympics. In particular, the plan aims to provide information on the state of the cyber threat during major sporting events, and to disseminate IT security recommendations and best practices.
Safety at the 2024 Olympics: a shared responsibility
The strategy for preventing cyber attacks during the 2024 Olympic Games is being steered by ANSSI. The agency is responsible for assisting entities in implementing security measures (audits, technical support, etc.). ANSSI also manages a system for monitoring, alerting and handling incidents. Private service providers also provide support for IT infrastructures.
Maintaining a secure IT environment during the Games depends on the cooperation of a large number of players (competition venues, host communities, public authorities and organizers, service providers, etc.). These players are subject to stringent compliance and data protection requirements.
Enhanced cooperation between authorities, organizers and cybersecurity experts is one of the cornerstones of security for the 2024 Olympics and a guarantee of good risk management.
Cybersecurity during the Paris 2024 Olympic Games: what you need to remember
The 2024 Olympic Games represent a cybersecurity challenge, with increased risks of espionage, destabilization and operations carried out for profit. The scale of cyberattacks during previous editions and the current cyber context ensures that the various players involved face a high level of cyber threats.
The preparation and anticipation work carried out by the players in the run-up to the 2024 Olympics is vital to avoid disruption of events, within a framework of increased cooperation between the various players involved in these Games.
2024 is also a pivotal year for the cyber resilience of companies and institutions, with the NIS 2 directive coming into force and IT security requirements tightening. A further step towards strengthening organizations' cyber maturity.
