wonderfully unique software solutions

Stormshield and partners warn of cybersecurity risks to Paris 2024

Giant global events — such as the Paris 2024 Olympic Games — can expect to continue to be targeted by cyber criminals and must ensure they are well prepared, according to Stormshield.

The OT/IT cybersecurity vendor spoke to Vincent Riou, cybersecurity partner at Avisa, who noted that physical security and cyber security issues must be considered together in hybrid environments.

“Some attackers might be tempted to attack certain systems in order to gain access to physical spaces without the appropriate credentials, or force spectators to leave protected spaces and gather outside them, thus facilitating terrorist attacks,” Riou was quoted as saying.

Large global events like the Olympic Games facilitate high-impact attacks of various kinds — making IT, data and information protection integral to an overall security approach, Riou suggested.

According to Stormshield’s blogger Victor Poitevin, the Paris 2024 Summer Olympic and Paralympic Games for example is expected to be the largest event held in France since 1900. T

“Figures are staggering: a budget of €7 billion (£5.9bn), four billion television viewers, 12 million spectators, 30,000 volunteers, 10,000 athletes, 206 nations and 40 competition sites to secure, among others,” he wrote.

The Tokyo Summer Games in 2021 saw some 400 million cyber attacks, according to Japan news site Kyodo.

Avisa Partners’ Riou said that large events are a “formidable vehicle” for boosting the image of the host country that hosts them, which also means that technical flaws and problems might be broadcast to the planet.

“We see state-affiliated groups with geopolitical motivations and the goal of destabilising the country. Next we have opportunistic cybercriminals tempted by financial windfalls from, say, ransomware attacks, leveraging the organisers’ ‘urgent’ need to restore normal operation,” he said.

Hacktivist groups with ideological objectives can also deface websites or conduct denial-of-service attacks, he added.

Video capture systems for television or referees, CCTV cameras and alarm systems, badge and ticket readers, and other smart equipment can be vulnerable as can logistics and subcontracting operations across a range of locations, including open venues in capital cities, with spectators and participants also targets.

Expected threats – and how Paris is tackling them

Stormshield’s Poitevin also quoted Nicolas Caproni, a threat research head at Sekoia.io.

“Cybercriminals will opportunistically exploit the event to conduct phishing campaigns, using themed competitions to increase the chances of persuading users to open messages and click on compromising links.

“They can also hide malware inside a PDF as part of a scam to sell or resell tickets. They will also try to harvest personal and credit card data that will later be of value on the darknet,” Caproni reportedly said.

“Some attack groups now specialise in disinformation and fake news. These new weapons can be used to disrupt events by leaking data that should not have been leaked, or falsified data.”

According to Stormshield, Paris 2024’s organisational cybersecurity budget is around €17 million, covering a prevention and defence programme with full-scale simulations, secure application code, and an effort to compartmentalise network and server layers when designing infrastructure, security audits and security operations.

“An awareness-raising programme is also being implemented with training for employees, sponsors, subcontractors, athletes and all stakeholders,” Poitevin wrote.

( Photo by Konstantin Planinski on Unsplash )

Recent Articles

Hornetsecurity expands M365 cloud security offer with Vade deal

Cloud email security provider Hornetsecurity has added a partnership with Vade, increasing focus on answering data sovereignty requirements with best-in-class cloud, compliance...

Cross-browser testing provider BrowserStack named Microsoft ‘partner of choice’

Software testing platform provider BrowserStack has announced a strategic partnership with Microsoft to support Visual Studio App Center users transitioning to BrowserStack...

JetBrains rolls out full-line code completion for its IDEs

Developer tools company JetBrains has added to its AI-enablement tools with full-line code completion for its integrated development environments (IDEs), separate to...

OpenText renews X12 supply-chain data standards partnership

Enterprise information management (EIM) software vendor OpenText is renewing its partner licensing agreement with the X12 electronic data interchange (EDI) standards organisation.

LiveAction NPM performance extended for Cisco unified server users

Network intelligence from vendor LiveAction has been certified to work with high performance Cisco servers, increasing availability of its packet data and...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox