Paris 2024 Olympics face rising cybersecurity threats reports suggest
As global attention turns towards the upcoming 2024 Paris Olympics, enterprises around the world are being alerted to heightened cybersecurity threats. A new report from Palo Alto Networks Unit 42 has shed light on the key threats that could impact the Games. The report, titled "Paris 2024 Threat Report," highlights various scenarios where cybercriminals might seek to disrupt the event and associated services.
In its assessment, Palo Alto Networks Unit 42 identified significant cyber threats including business email compromise (BEC) and financial fraud, third-party disruptions, and activity from Russian threat actors. The report discusses how cybercriminals may exploit the occasion by targeting entities involved in the event, including transport, hospitality, telecommunications, media, payment processing, utilities, and safety and security services. Attacks on these critical services could damage the event's reputation, disrupt the experience for attendees, and result in financial losses for organisers and sponsors.
"Financially motivated crimes are likely to present the highest and most sustained threat throughout the event," the report states. One major concern is the rise in ransomware attacks, which Palo Alto Networks notes have surged. In 2023, the organisation observed nearly 4,000 ransomware leak posts, illustrating a 49% increase from 2022, with 28% of their Incident Response cases involving ransomware that employed data encryption.
Another key threat highlighted in the report is business email compromise. BEC actors typically impersonate sponsors or businesses associated with the Olympics, aiming to deceive victims into transferring large sums of money. The average payout for such schemes has reportedly been over USD $500,000. Attackers leverage fear, uncertainty, and doubt, both before and during the event, to execute these financial thefts.
The proliferation of fraudulent websites and mobile apps is also a concern. Palo Alto Networks has already begun to detect domains spoofing legitimate Olympics websites. Additionally, fraudulent mobile apps posing as transport or booking tools are seen as prime avenues for cybercriminals. Web-skimming attacks to steal customer data and payment card information pose further threats to payment processors and businesses.
To assist organisations in bolstering their defences, Palo Alto Networks has provided five cybersecurity recommendations:
First, adopting a Zero Trust strategy can significantly limit damage from attacks. By granting least-privilege permissions, organisations can restrict an attacker's movement and activity, thereby minimising the impact of security incidents. Zero Trust operates on the assumption that the network is already compromised, continuously validating the user, device, application, and data.
Second, implementing a defense-in-depth approach involves designing security programmes with overlapping defences and controls. This raises the likelihood of detecting attackers early in the attack lifecycle, especially when combined with Zero Trust policies.
Maintaining an incident response plan is the third recommendation. Organisations are encouraged to regularly review, update, and test their incident response strategies, ideally with input from cybersecurity experts. This preparedness can significantly improve their capability to contain and respond to attacks.
Fourth, ensuring complete visibility of the attack surface is vital. The report highlights that 75% of incidents involving ransomware attacks stem from internet-facing vulnerabilities. Centralised, near real-time visibility solutions can help identify and mitigate these vulnerabilities promptly.
Lastly, leveraging the capabilities of AI and automation can modernise security operations. This technology helps organisations reduce the workload on analysts and enhance their ability to thwart attackers before they can inflict significant damage. Additionally, organisations adopting cloud infrastructure should implement comprehensive cloud-native security measures to guard against attacks targeting cloud workloads.
The 2024 Paris Olympics are anticipated to attract global attention, making them a lucrative target for cybercriminals. Organisations involved directly or indirectly with the events should consider these recommendations to safeguard against potential threats and ensure the integrity and success of the Games, Palo Alto states.