SOCRadar® Cyber Intelligence Inc. | Cyber Threats for the Upcoming 2024 Paris Olympics
Home

Resources

Blog
Jun 25, 2024
14 Mins Read

Cyber Threats for the Upcoming 2024 Paris Olympics

The world is eagerly waiting for the Paris Olympics to come. The event is not only going to be a scene for the best athletes in the world to compete but also a challenging time for authorities to fight cyber threats. The Olympics is a high-profile target for state-sponsored actors, cybercriminals, and hacktivist groups, all aiming to disrupt the event by employing various tactics. This article explores the cyber threats that could impact the Paris Olympics, beginning with the information sphere, where operations from state-supported actors like Russia can muddy the waters. From there, we move into the realm of phishing and scams, where both espionage-focused state actors and greedy cybercriminals are expected to exploit the event. The current state of our world politics also impacts this sporting event. Lastly, we will be discussing the impact of geopolitics and how France is a target for diverse cyber threats ranging from hacktivist groups to state-sponsored criminals.

Disinformation and Propaganda in 2024 Paris Olympics

As the Paris Olympics approaches, the threat of disinformation and propaganda campaigns is increasing, especially from state-supported actors. Historically, Russia has been the main suspect in such activities. We’ve seen various events, organizations, and countries targeted by Moscow-led disinformation campaigns in the past. Russia aims to create a suitable environment that will help the Kremlin’s geopolitical goals by using various digital platforms to spread misleading information and influence public opinion in Europe. These tactics didn’t only aim to undermine a specific event’s integrity but also to create distrust among citizens. They served a general purpose and acted as a step for a bigger plan. Understanding the previous events and taking appropriate measures to mitigate the possible threats is crucial to having a fair and secure Olympics in 2024.

In previous years, St. Petersburg has been a widely mentioned city in disinformation-related issues. Not because of the city itself, of course, but because of a company named Internet Research Agency (Агентство интернет-исследований) located there. We heard about this company, especially from the Report On The Investigation Into Russian Interference In The 2016 Presidential Election, also known as the Mueller Report.

55 Savushkina Street, St Petersburg. One of the offices of the Internet Research Agency. James Hill, The New York Times

55 Savushkina Street, St Petersburg. One of the offices of the Internet Research Agency. James Hill, The New York Times

Internet Research Agency was suspected to have ties to a person who is the founder of another corporation, PMC Wagner (ЧВК «Вагнер»), which was used as a proxy actor by the Russian government for military operations abroad. This entrepreneurial spirited person, who died in a helicopter accident in August 2023 after his failed putsch against the Putin regime, was a close ally of the Kremlin.

Prigozhin’s discontent with the central government was quite visible in the media for a very long time after the Russian invasion of Ukraine started in February 2022, but the Internet Research Agency did not change its targets and kept protecting Moscow’s interests in the information field, even after his death.

The suspicions about Prigozhin’s ties with the Internet Research Agency disappeared after the confession of being the founder of the company came from Prigozhin himself.

This is just one actor working to realize the Kremlin’s variety of goals with its disinformation campaignsThroughout the years, we have seen various attempts coming from them to muddy the waters and the upcoming Paris Olympics is not going to be an exception for Russian trolls.

According to a report published by Viginum, a French agency responsible for fighting foreign digital interference, there is a malicious campaign aimed to affect French speaking discourses online. Its primary aim is to post fake content, and then share it in a coordinated manner on X (formerly Twitter), in the reply section of posts.

This fake content usually impersonates Western public figures. The focus of this disinformation campaign is primarily anti-Ukrainian, but the trolls are also targeting France’s policy of supporting Ukraine, French politicians, and the Paris 2024 Olympic and Paralympic Games. Another revelation from Viginum investigations shows that the majority of the content was first published on Russian-language Telegram channels, and these efforts have continued since late 2023.

The report states these operations impersonated media organizations and other institutions to spread the idea that the 2024 Olympics will be a failure among both French and international audiences. Dealing with fraudulent activities and criminals impersonating your company can be hard. In the vast cyberspace, finding out about these threats before they interact with your customers and damage your reputation is vital. Therefore, SOCRadar’s Brand Protection Module offers extensive solutions such as Fraud ProtectionSurface Web Monitoring, and if you need to get rid of scammers, you can check Integrated Takedown.

SOCRadar Brand Protection Module

SOCRadar Brand Protection Module

Below, you will see certain cases presented in the report. One of the posts contains a video with the logo of the CIA, and it claims that the terrorist risks are too high for the events. The other post contains fake news pieces asking Parisians not to use their air conditioning because the security system of the Olympics might get affected and mistook air conditioners for drones.

Screenshots of posts targeting the 2024 Games, Source: Viginum Technical Report - Portal Kombat Network (part three) 

Screenshots of posts targeting the 2024 Games, Source: Viginum Technical Report – Portal Kombat Network (part three)

Terrorism

The resurgence of ISIS propaganda, including recent publications featuring imagery related to the Paris Olympics, signals a potential threat to the event. While these propaganda materials are not sufficient to determine whether an attack will occur, they are designed to sow fear and mistrust. These kinds of attempts aim to undermine the sense of security of the event and the capabilities of the French government.

ISIS gained significant popularity and increased its influence with the help of sophisticated propaganda operations. They had their own media machine, which produced high-quality propaganda materials for online platforms. The content they disseminated included executions, victories, and messages that were aimed at recruiting people from all over the world.

Another point they paid attention to was the use of social media. When they were utilizing social media so actively, its importance was not very well understood by the world. However, by disseminating their material via social media platforms such as Twitter, they were able to reach a wide audience without facing serious limitations. These online platforms also allowed them to tailor their content for different geographies and groups. Personalized content for different audiences also helped their recruitment efforts.

The story of ISIS began in 2013 when Baghdadi claimed that the Islamic State in Iraq (ISI) had merged with the Nusra Front in Syria, forming “The Islamic State in Iraq and Syria.” Despite their defeat with the fall of Al-Baghouz in 2019, they continue to disseminate their propaganda.

Rodi Said, Reuters

Rodi Said, Reuters

The latest propaganda materials targeting the Olympic games are trying to motivate terrorists who can act by themselves to realize the goals of the terrorist group. These lone wolves have no or too little connection to any organized group, and therefore, it is hard to track their moves. The increased usage of kamikaze drones by the Ukrainian military during their war created a new attack method for others. The propaganda material also suggests this idea to anyone who wants to terrorize the event.

While the propaganda material mentions drone strikes, there is no doubt that any criminal who feels sympathy for the terrorist group might try to damage the Games with their own capabilities.

Authorities must conduct a proper public diplomacy to address both the physical and psychological dimensions of this threat to protect the trust towards the central government and the safety measures taken for the event.

Phishing Attempts and Scamming Risks for 2024 Paris Olympics

The Paris Olympics presents a lucrative opportunity for business owners since the event will bring a lot of attention. Communication and marketing efforts will also increase due to this increased interest in the event. Cybercriminals will try to benefit from this communication frenzy with phishing attempts and scams. On one hand, high-profile individuals may be targeted by state-sponsored actors for espionage purposes. On the other, money-driven cybercriminals might try to exploit the event’s economic scale and try to scam unsuspecting individuals and organizations.

To detect phishing email addresses, you might have to interact with them or try to gather TTPs from CTI solutions such as SOCRadar XTI. If you want a quick check, you can also utilize tools such as EmailRep. However, identifying phishing domains—which aim to deceive individuals into taking action or disseminating misinformation via fake websites—is somewhat easier. Phishing domains often exhibit specific characteristics: criminals use spoofed domains or typosquatting to lure individuals into clicking their links.

You see certain domains below. They all have some common features. They’re all relatively new domains. They’re all related to subjects that people might feel the need for. Because of that “necessity”, these domains can mislead individuals or cause them to act without thinking if they are presented with a catchy message. When you want to buy a ticket or need a hotel room, seeing a post about it in your mailbox can catch you off guard.

A domain search result from urlscan.io

A domain search result from urlscan.io

A domain search result from urlscan.io

A domain search result from urlscan.io

A domain search result from urlscan.io

A domain search result from urlscan.io

A domain search result from urlscan.io

A domain search result from urlscan.io

SOCRadar provides free tools to increase the cybersecurity structure of organizations. You can try our IP Reputation tool to find out if an IP address is among any blacklist or the Phishing Radar tool to find out possible domains that are trying to imitate your company. Try SOCRadar Labs for free to uncover phishing scams.

Free tools from SOCRadar Labs

Free tools from SOCRadar Labs

While the phishing attempts that will follow the above mentioned way are mostly designed to scam people, high level individuals can be targeted by state-sponsored actors for political goals and spear-phishing high-value authorities in the Western world is not unknown to Russians.

High-value targets, such as government officials, corporate executives, or in our case, responsible individuals for the Olympics hold sensitive information and a successful attack can lead to the exposure of classified documents.

By gaining access to internal systems, threat actors can disrupt services and operations. In an event such as the Olympics, the consequences will be detrimental.

Lastly, conducting a successful operation targeting high-value individuals will allow threat actors to get credit while the authorities lose it. Other than the bragging that comes from successful attempts, any leverage threat actors can use will allow them to utilize it for further disinformation operations and create distrust towards the authorities.

Impact of Geopolitics on 2024 Paris Olympics

The geopolitical environment has been very tense lately, and we constantly see the impact of these strained relations between governments in cyberspace. France’s stance on the ongoing Israel-Hamas conflict, along with its backing of Ukraine against Russian aggression, positions it as a prime target for hacktivist groups and state-sponsored threat actors. These actors may employ diverse tactics beyond phishing, damage the Games, and propagate their political messages.

The number of APT groups targeted France previously

The number of APT groups targeted France previously

As we can see from the data, cyber threats from China or Russia affiliated groups are much greater than other geographies. While China is constantly targeting Western organizations, Russia’s invasion increased the amount of attacks and those groups with state affiliations have a greater motivation now to conduct highly sophisticated attacks.

Hacktivism

A threat actor monitored by SOCRadar attacked French organizations

A threat actor monitored by SOCRadar attacked French organizations

From time to time, we see some hacktivist groups targeting specific countries or companies. But since the beginning of the Hamas-Israel conflict, we have witnessed a much heavier targeting of Western countries, especially by groups motivated by Islam. These threat actors are mostly conducting DDoS attacks or leaking confidential information. For a big event like the Olympics, the same threat actors might try to target certain systems or websites related to the event. Companies with responsibilities or sponsorships for the event can also be a target for these threat actors.

Pro-Russian Cyber Threat Actors Target European Parliament Elections

Pro-Russian Cyber Threat Actors Target European Parliament Elections

SOCRadar’s Hand Guide For the 2024 Paris Olympics

The 2024 Paris Olympics is a high-profile event that presents a lucrative target for cybercriminals. This guide highlights expected cyber threats, including phishing attacks, ransomware, DDoS attacks, social engineering, data breaches, and malware. It emphasizes the necessity of multi-layered security defenses and introduces SOCRadar’s advanced cybersecurity solutions. Key features include Threat Intelligence, Attack Surface Management, DoS Resilience, Malware Analysis, and Identity & Access Intelligence. By leveraging SOCRadar’s capabilities, organizations can ensure robust protection against evolving cyber threats during the Olympics.

SOCRadar’s suite of tools offers comprehensive protection, enabling businesses to identify potential threats, analyze malicious files, and enhance DDoS defenses. With real-time insights from SOCRadar’s Extended Threat Intelligence solution, businesses can effectively counteract cyber threats and mitigate data breaches. SOCRadar’s Hand Guide For the 2024 Paris Olympics is essential for organizations preparing for the cyber challenges posed by the Paris 2024 Olympics, ensuring a secure digital environment.

Conclusion

As we said at the beginning, the Olympics will not just be a tournament of athletes competing with each other. The biggest risk group for this event is the repercussions of ongoing political conflicts in the cyber world. Behind almost every cyber threat we mentioned, there is a political struggle. The responsibility does not rest solely on the shoulders of some cybersecurity offices or disinformation agencies. Individuals also have a huge responsibility. Not falling for the efforts of terrorists or rival states will provide more security than any other measure.

If you need support to have your back in these difficult times, you can contact SOCRadar for your intelligence needs.