Cybersecurity and threat intelligence experts at Imperva (a Thales Company) have identified a 770,000% increase in vulnerability scanning activity on Olympic-related sites from June to July 2024, ย indicating a surge in malicious intent and heightened risk of cyber-attacks designed to exploit this yearโs global event.
Historically, the Olympics have been a prime target for cybercriminals, state-sponsored actors, and hacktivists. Primary targets during the Olympics typically include official websites, live streaming services, ticketing systems, and critical infrastructure such as transportation and power grids – and this year is no exception.
Imperva’s Threat Research team has identified 6 types of attacks to watch out for during the Paris 2024 Games:ย
- Ransomware attacks: given the rise in ransomware incidents globally, it is likely that attackers will attempt to disrupt Olympic operations by encrypting critical systems and demanding ransoms. The high stakes and visibility of the event make it an attractive target for such attacks
- State-sponsored espionage: like the Russian state-sponsored hackers who targeted Pyeongchang, state actors may use the Olympics as an opportunity to conduct espionage, targeting sensitive communications, strategic plans, and personal data of high-profile individuals. The goal may range from intelligence gathering to attempting to influence outcomes or create political tension
- Distributed Denial of Service (DDoS) attacks: DDoS attacks, which overwhelm servers with traffic, are a common tactic to disrupt services, as seen in Rio. These attacks could target live streaming platforms, ticketing websites, or other critical online services, causing frustration and financial loss
- Phishing and social engineering: cybercriminals are likely to exploit the excitement and urgency surrounding the Olympics to craft convincing phishing emails and social engineering schemes. These could target attendees, athletes, or even officials, aiming to steal credit card information or distribute malware
- Supply chain attacks: the complexity of the Olympics involves numerous vendors and partners. Cyber attackers may attempt to infiltrate less secure elements of the supply chain to gain access to core systems. Ensuring robust security practices across all partners is essential to mitigate this risk
- Insider threats: with a vast amount of personal data being processed, from athlete information to attendee details, access to this information by those with malicious goals is a significant threat. Unauthorized access to this data can lead to privacy violations, identity theft, and financial loss
Other key threats identified by Imperva include:
-
770,000% Increase in Vulnerability Scanning:โฏFrom June to July, vulnerability scanner activity on Olympic-related sites has surged by an astonishing 770,000%, indicating a significant rise in malicious interest. (See chart below)
-
Rise in Automated Tool Usage:โฏThere has been a notable increase in the use of automated tools on these sites, leading to attempted data leakage, Remote Code Execution (RCE), and Distributed Denial of Service (DDoS) attacks.
-
DDoS Attack Frequency:โฏDDoS attacks on Sports and Travel websites have increased by 230% and 31%, in the run up to the games
-
Social Engineering Attacks:โฏSocial engineering attacks are particularly prevalent during high-profile events due to their widespread recognition and the public’s heightened interest. Paris2024.exe has been making rounds, leveraging the official Paris Olympics logo and name to deceive victims into trusting and executing the malicious software.
โฏ
Gabriella Sharadin, Cybersecurity Threat Researcher at Imperva (a Thales company) said:โฏโThe surge in cyber threats is a clear indication of the malicious intent to exploit this global event. The staggering increase in vulnerability scanning and DDoS attacks underscores the need for robust cybersecurity measures. Our focus must be on protecting the digital infrastructure and sensitive data to ensure the safety and integrity of the Games.โ
