France preparing for Olympic ransomware attacks
The French government’s cybersecurity agency, Anssi, issued a stern warning on Thursday, predicting that ransomware attacks during the Paris 2024 Olympics will be “inevitable.”
In preparation for the Olympic Games, which are set to begin on 26 July, French officials have spent the past two years gearing up to combat an unprecedented level of cyber threats. These threats could come from various sources, including criminal organisations, state actors like Russia aiming to disrupt the Games, ideological “hacktivists,” or opportunistic gamblers.
Anssi expressed confidence in the ability of security teams to handle these threats but acknowledged that it is “unrealistic” to expect complete prevention. “It’s absolutely certain and inevitable that ransomware attacks will occur during the Games,” the agency stated. “And statistically, there is a high chance that ransomware attacks will affect actors who will be involved in the Games.”
Ransomware attacks involve encrypting and blocking access to computer systems, demanding a ransom to restore access. Anssi’s goal is to ensure that the majority of attacks fail and that responses to unavoidable attacks are swift and effective to minimise their impact.
The primary responsibility for countering these attacks rests with Anssi and the Ministry of the Interior, with additional support from the cyber defense unit of the Ministry of Defense (Comcyber).
Historically, the Olympic Games have been a frequent target for cyberattacks. The Tokyo Olympics 2020, which were delayed due to the pandemic, saw 450 million attempted cyber operations, double the number reported during the 2012 London Olympics. Marie-Rose Bruno, director of technology and information systems for the Paris Games, anticipates “eight to ten times more” cyberattacks than those observed in Tokyo.
Anssi also warned of potential denial-of-service (DoS) attacks from various activist groups seeking to leverage the Olympic platform to further their causes. “Another thing that’s almost a certainty is everything to do with activism, groups that vary greatly in nature, all of whom have messages pro something or against something, who are there to make noise, to create a buzz,” the agency noted.
While these activist groups typically engage in denial-of-service attacks that lack long-term destructive effects, their activities are expected to be highly visible. “But this kind of thing is obviously visible,” Anssi added.
As the Paris 2024 Olympics approach, French authorities are focused on mitigating the impact of these anticipated cyber threats, aiming to protect the integrity and security of the Games.