Inflation is really everywhere... According to Paris 2024 Chief Technology Officer Bruno Marie-Rose, the Paris 2024 Olympics are expected to be the target of billions of cyberattacks, "eight to ten times more than the Tokyo Games", threats accentuated by cyberwarfare in Ukraine.
"The Olympics are one of the most attacked events in the world. This is the first nightmare of the director of technology, "explained the engineer and Olympic medalist of the 4×100m relay in 1988, inaugurating, this Monday in Madrid, the center of testing and integration of the Olympic Games, installed by the French group Atos.
Real-time transmission of results, broadcast of images, accreditation of athletes, teams, officials... Information systems are at the heart of how the Games work.
"We expect everything"
In the previous edition of 2021 "in Tokyo, we had 450 million attacks, already eight times more than in Rio in 2016. And 4.4 billion threats, or 800 per second. But zero impact on the Games," said Christophe Thivet, Atos' Director of Technology Integration for the 2024 Games. "In case of threats, we were able to block all pre-impact flows."
And those in charge are formal, "We expect everything". First, hackers who seek to steal data from organizers, for example identification data. "We are already seeing attackers looking to target people, with login attempts. We pay attention to our direction," explains Bruno Marie-Rose.
Security vulnerabilities
Cyberattackers also look for security vulnerabilities in already installed systems. "We see that some are trying. Our systems are continuously scanned. When you see the table of scans, it's impressive. At the same time, it's just normal."
Another risk is the misuse of data, for example from fake ticket sales sites. Hence an all-out surveillance. Atos, in charge of the cybersecurity of the Games and sponsor of the International Olympic Committee (IOC), deploys all the classic means to identify vulnerabilities: ethical hackers, penetration tests, bug bounty, simulated attacks and monitoring of the dark web to see if cybercriminal groups are talking about the Olympics, adds Christophe Thivet.
In addition to a cybersecurity center with several dozen experts already installed in France, Atos teams are supported by the French Agency for Information Systems Security (ANSSI).
War in Ukraine increases risk of state attacks
The war in Ukraine is intensifying the risk of attacks by pro-Russian groups, the two officials also half-heartedly acknowledge. "The Olympics are a target for geopolitical propaganda. The war in Ukraine is accompanied by a cyber war. We are particularly afraid of state attacks," says the Games' Chief Technology Officer. The decision on whether or not to participate Russian athletes is likely to lead to increased cyber vigilance.
"The worst would be attacks that would cause an interruption or disruption of competitions. One of my counterparts in 2018 at the Pyeongchang Olympics saw a few systems shut down before the opening ceremony. I don't want that to happen," says Bruno Marie-Rose.
Holes in the racket
Whether to extort funds or to pass on geopolitical messages, the Olympics represent a prime target for hackers, confirms Pierre-Antoine Failly-Crawford, cybersecurity expert at Varonis and former ethical hacker.
"Especially the construction phase, with the presence of many external service providers who do not always have the same security policy, which leads to holes in the racket," he says.
Malicious actors could seek to compromise on-board systems, for example the GPS of boats, or to hack the thousands of wifi terminals that will be set up by the organizing committee, for example during the unprecedented opening ceremony on the Seine, watched around the world.
The Olympics are also never immune to denial-of-service attacks, those traffic jams of requests that can block sites.
- Local
- Paris
- Ile