• The Olympic Games Paris 2024 is just a few days away, but the event is already a major target for cyber attacks.
  • In addition to the obvious threat from Russian hackers, the event may also be targeted by a few other types of cyber attacks.

The Olympic Games Paris 2024 is about to begin. The event is expected to sell over 13 million tickets and bring over 15 million visitors to France. While it has already created excitement for millions of sports fans worldwide, it is also expected to be a massive target for cybercrimes, especially given the country’s significant involvement in geopolitics. Further, the huge scale of monetary transactions during this event makes it a bigger target for threat actors.

Given this background, ZeroFox conducted a study to understand the possible physical and cybersecurity threats that could impact the sporting event. Here are a few cyber threats tourists and sports fans should watch out for a few recommendations for them to stay safe.

1. Attacks by Russian Hacker Groups

This is probably the biggest and primary cyber threat the event may face. France has taken steps that can be seen as hurting Russia when it comes to the Russia-Ukraine war. Further, Russian athletes were banned in 2019 from international competition owing to allegations of a state-sponsored doping program. Even the International Olympic Committee (IOC) banned Russian athletes from competing under Russia’s name and flag after the country invaded Ukraine.

As such, Russian state-backed or independent threat actors may be actively involved in cyber attacks, including data compromises, DDoS attacks, or various financial scams.

The Russian hacktivist group People’s Cyber Army (PCA) already posted a call to action on their Telegram channel and associated “RCAT chat” private group in June this year, urging cyber fighters to target France with cyber attacks. This was accompanied by a fake cover of Charlie Hebdo, featuring Russian text claiming Russian hackers agreed to participate in the Olympics in a neutral status, in a new sport called ‘DDoS attacks’ on the French websites. Another group, NoName057(16), is expected to join PCA in the cyberattacks.

The coordinated attacks by PCA, NoName057(16), and RCAT are expected to potentially disrupt event security, logistics, and public perception.

2. Threats to Mobile Applications

Mobile apps present security risks; threat actors will likely exploit fans’ excitement for the games to scam them. Threat actors can use or steal app credentials to gain access to user accounts, potentially manipulating personal information associated with paris2024[.]org and olympics[.]com users. This may lead to operational disruptions, ticket fraud, and reputational damage.

The ZeroFox studyOpens a new window