wonderfully unique software solutions

Stormshield and partners warn of cybersecurity risks to Paris 2024

Giant global events — such as the Paris 2024 Olympic Games — can expect to continue to be targeted by cyber criminals and must ensure they are well prepared, according to Stormshield.

The OT/IT cybersecurity vendor spoke to Vincent Riou, cybersecurity partner at Avisa, who noted that physical security and cyber security issues must be considered together in hybrid environments.

“Some attackers might be tempted to attack certain systems in order to gain access to physical spaces without the appropriate credentials, or force spectators to leave protected spaces and gather outside them, thus facilitating terrorist attacks,” Riou was quoted as saying.

Large global events like the Olympic Games facilitate high-impact attacks of various kinds — making IT, data and information protection integral to an overall security approach, Riou suggested.

According to Stormshield’s blogger Victor Poitevin, the Paris 2024 Summer Olympic and Paralympic Games for example is expected to be the largest event held in France since 1900. T

“Figures are staggering: a budget of €7 billion (£5.9bn), four billion television viewers, 12 million spectators, 30,000 volunteers, 10,000 athletes, 206 nations and 40 competition sites to secure, among others,” he wrote.

The Tokyo Summer Games in 2021 saw some 400 million cyber attacks, according to Japan news site Kyodo.

Avisa Partners’ Riou said that large events are a “formidable vehicle” for boosting the image of the host country that hosts them, which also means that technical flaws and problems might be broadcast to the planet.

“We see state-affiliated groups with geopolitical motivations and the goal of destabilising the country. Next we have opportunistic cybercriminals tempted by financial windfalls from, say, ransomware attacks, leveraging the organisers’ ‘urgent’ need to restore normal operation,” he said.

Hacktivist groups with ideological objectives can also deface websites or conduct denial-of-service attacks, he added.

Video capture systems for television or referees, CCTV cameras and alarm systems, badge and ticket readers, and other smart equipment can be vulnerable as can logistics and subcontracting operations across a range of locations, including open venues in capital cities, with spectators and participants also targets.

Expected threats – and how Paris is tackling them

Stormshield’s Poitevin also quoted Nicolas Caproni, a threat research head at Sekoia.io.

“Cybercriminals will opportunistically exploit the event to conduct phishing campaigns, using themed competitions to increase the chances of persuading users to open messages and click on compromising links.

“They can also hide malware inside a PDF as part of a scam to sell or resell tickets. They will also try to harvest personal and credit card data that will later be of value on the darknet,” Caproni reportedly said.

“Some attack groups now specialise in disinformation and fake news. These new weapons can be used to disrupt events by leaking data that should not have been leaked, or falsified data.”

According to Stormshield, Paris 2024’s organisational cybersecurity budget is around €17 million, covering a prevention and defence programme with full-scale simulations, secure application code, and an effort to compartmentalise network and server layers when designing infrastructure, security audits and security operations.

“An awareness-raising programme is also being implemented with training for employees, sponsors, subcontractors, athletes and all stakeholders,” Poitevin wrote.

( Photo by Konstantin Planinski on Unsplash )

Recent Articles

RealVNC remote-access highlighted by six finalists for Raspberry Pi prize

RealVNC, maker of RealVNC Connect, has named six finalists for this year's RealVNC Raspberry Pi Prize with winner and runners-up to be...

Cyberattack climate entails customised firewalling, notes Stormshield

Firewalling at the edge is no longer enough so organisations increasingly need to combine suitable location with segmentation and zero-trust strategies that...

Palm vein biometrics market set to explode this decade

The market for palm-vein based biometrics has been forecast to expand in line with a compounded annual growth rate of 22.4% from...

Automox targets unsigned scripts with PowerShell signing capability

Endpoint management company Automox is unveiling Worklets Signing, which complements Worklets and Ask Otto with a view to helping companies dodge the...

Arista warns SMBs to take precautions against edge threats

Arista Networks, the vendor of Arista Edge Threat Management (ETM) has warned that SMBs aren't always aware of the extent of targeting...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox