Franz Regul, situated in his office on one of the upper floors of the Paris Olympic organizing committee headquarters, is confident about what lies ahead.
Regul, the leader of the team tasked with defending against cyberthreats during the upcoming Summer Games in Paris, expressed concerns about potential attacks.
Teams similar to Regul’s are now present in companies and governments worldwide. These teams operate in minimalistic rooms furnished with computer servers and screens that display indicator lights, serving as a warning for potential hacking attacks. In the operations center in Paris, a red light is installed specifically to alert the staff of the most critical and severe threats.
Regul stated that there have not been any significant disruptions thus far. However, he is aware that as the countdown to the Olympics progresses from months to weeks, and then to days and hours, the number of hacking attempts and the level of risk will increase exponentially. Unlike companies and governments who anticipate the possibility of an attack, Regul knows precisely when the worst is expected to happen.
According to the expert, it is rare for organizations to have advance knowledge of specific attacks targeting them in the months of July and August.
Security concerns at major events such as the Olympics have traditionally centered around physical threats, such as terrorist attacks. However, with technology playing an increasingly prominent role in the preparation and execution of the Games, cyberattacks are now being recognized as a persistent and significant hazard by Olympic organizers.
Hacking groups and countries such as Russia, China, North Korea, and Iran pose a multitude of threats. They have developed advanced operations that can not only disable computer and Wi-Fi networks but also disrupt digital ticketing systems, credential scanners, and even event timing systems.
In 2018, during the Pyeongchang Winter Olympics in South Korea, the Games were on the verge of being derailed due to a real and imminent hacking attack.
The cyberattack began on a chilly evening as attendees gathered for the opening ceremony. A series of events quickly indicated that something was wrong. The Wi-Fi network, crucial for transmitting photos and news updates, abruptly went offline. At the same time, the official Olympics smartphone app, which held fans’ tickets and vital transportation details, ceased to function, causing some fans to be unable to enter the stadium. Furthermore, broadcast drones were grounded, and internet-connected TVs intended to display ceremony visuals in various venues went dark.
Despite the unexpected attack and technical issues, the ceremony proceeded as scheduled, and the Games continued without any major disruptions. A dedicated team of cybersecurity experts worked tirelessly throughout the night to fend off the attack and rectify the glitches. Their efforts paid off, as the following morning saw a seamless start to the first events, with minimal evidence of the potential catastrophe that had been narrowly averted.
The threat to the Olympics has continued to escalate over time. During the last Summer Games in Tokyo in 2021, the cybersecurity team encountered a staggering 450 million attempted “security events.” Looking ahead to the upcoming Olympics in Paris, it is projected that the city will face a significantly higher number of security threats, estimated to be eight to 12 times greater, according to Regul.
Paris 2024 cybersecurity officials freely use military terminology to emphasize the magnitude of the threat. They conduct “war games” to assess the capabilities of specialists and systems, integrating feedback from experienced veterans of Korea into their evolving defenses.
According to experts, there are multiple culprits responsible for the majority of cyberattacks. These include criminals who seek to ransom valuable data and activists who aim to draw attention to specific causes. However, the consensus among experts is that it is only nation states that possess the capabilities to execute the most significant and impactful attacks.
The attack in Pyeongchang in 2018 was initially attributed to North Korea, South Korea’s adversarial neighbor. However, further investigations by experts, including agencies from the U.S. and Britain, have since determined that Russia is the true culprit. It is widely accepted that Russia deliberately employed techniques aimed at shifting the blame onto another party.
Russia takes the spotlight as the main focal point this year.
Russia’s participation in the Olympics has been revoked due to its invasion of Ukraine in 2022. However, a select few individual Russian athletes will be allowed to compete under a neutral status. The strained relationship between France and Russia has deteriorated to the point where President Emmanuel Macron publicly accused Moscow of trying to undermine the integrity of the Olympics by spreading disinformation.
The International Olympic Committee has accused Russian groups of trying to sabotage the Games. In a rare statement issued in November, the IOC condemned the spread of defamatory “fake news posts” following the release of a documentary on YouTube. The documentary featured an AI-generated voice-over claiming to be actor Tom Cruise.
Later, an article shared on Telegram, an encrypted messaging and content platform, replicated a deceptive news piece from the French network Canal Plus. The post falsely claimed that the International Olympic Committee (IOC) intended to prohibit both Israeli and Palestinian teams from participating in the upcoming Paris Olympics.
Earlier this year, Russian pranksters successfully impersonated a senior African official and had a conversation with Thomas Bach, the IOC president. The call, which was recorded and later released, has caused Russia to accuse Olympic officials of conspiring to prevent their team from participating in the Games.
According to Microsoft, in 2019, computer networks of at least 16 national and international sports and anti-doping organizations were targeted by Russian state hackers. Among the organizations affected was the World Anti-Doping Agency, which was on the verge of announcing penalties against Russia for its state-supported doping program.
In a previous incident, which took place three years ago, Russia had focused its efforts on anti-doping officials during the Rio de Janeiro Summer Olympics. The U.S. Department of Justice has filed indictments against several Russian military intelligence officers, revealing that operatives involved in this incident utilized a tactic known as spoofing to target hotel Wi-Fi networks used by the officials in Brazil. By doing so, they were able to successfully infiltrate the email networks and databases of the anti-doping organization.
According to Ciaran Martin, the inaugural CEO of Britain’s national cybersecurity center, Russia poses the most apparent disruptive threat at the Paris Games. He believes that potential targets for Russian cyberattacks could include event scheduling, public broadcasts, and ticketing systems.
Martin, now a professor at the Blavatnik School of Government at the University of Oxford, highlights the potential scenario of athletes being punctual for an event, only to be delayed due to a malfunctioning iPhone scanning system at the entrance gate.
“Do we proceed with a half-empty stadium, or do we postpone?” he questioned. “Being in a situation where we must choose between delaying the event or having world-class athletes perform in front of a sparsely filled venue, is undoubtedly a failure.”
In preparation for the Games, Paris organizers, along with the IOC and partners like Atos, have been conducting “war games” to simulate potential attacks. These exercises involve hiring ethical hackers to target the systems set up for the Games, and rewarding those who uncover vulnerabilities with bug bounties.
Hackers have targeted sports organizations in the past using various tactics, such as malicious emails, fictional personas, stolen passwords, and malware. To combat this, the Paris organizing committee has implemented training for new hires to help them identify and prevent phishing scams.
One incident involved a Games staff member who was tricked into paying an invoice to a fraudulent account after receiving an email from someone posing as another committee official. Additionally, the cybersecurity team identified an email account that had tried to impersonate Tony Estanguet, the chief of Paris 2024.
According to Martin, a former British cybersecurity official, cyberattacks have traditionally been more of a nuisance than a catastrophic event. However, he emphasizes that millions of additional attempts are imminent.
He stated that at their worst, they have been weapons of mass disruption.
