- Concerns have been raised about political retribution due to France’s stance on issues like Ukraine and Russia’s ban from competing under their flag.
- In addition to Russia, other countries like China, Iran, North Korea, and Belarus also pose cybersecurity threats, albeit at varying levels of severity.
The upcoming Paris 2024 Olympics is not immune to cyber threats, with notable cybersecurity firm Mandiant, a subsidiary of Google, highlighting Russia as a primary source of cyber threats to the prestigious event.
Specifically, Russian threat groups like Sandworm, also known as APT44 or Frozenbarents, have been identified as posing significant risks, based on their past track record of targeting major international events.
Mandiant warns that Sandworm is not only engaged in intelligence collection but also has the capability to execute disruptive, destructive, or hybrid cyber operations that could undermine the smooth functioning of the Paris Olympics.
Credential phishing campaigns
The assessment is supported by past instances where Russian cyber gangs targeted major sporting events like the Rio 2016 and Pyeongchang 2018 Olympics.
During the Rio 2016 Games, Fancy Bear (APT28) infiltrated anti-doping officials’ networks and leaked sensitive data, while Sandworm created disruptions during the Pyeongchang 2018 Winter Games by employing tactics such as credential harvesting and malware distribution.
Mandiant’s findings reveal a pattern of malicious activities by Russian threat actors that extend to leveraging Android applications and conducting credential phishing campaigns.
Moreover, Mandiant’s intelligence indicates that pro-Russian information operations are likely to be a prevalent threat during the Summer 2024 Olympic Games, with narratives promoting pro-Russia, anti-Ukraine, and anti-Western sentiments. This aligns with the geopolitical context surrounding France’s stance on Ukraine and Russia’s exclusion from competing under its flag.
DDoS attacks
The firm also warns of potential cyberattacks orchestrated by hacktivist groups like Anonymous Sudan, Cyber Army of Russia Reborn, and others, targeting the Olympics through disruptive means such as distributed denial-of-service (DDoS) attacks.
Apart from Russia, countries like China, Iran, North Korea, and Belarus are also identified as posing cyber threats of moderate to low severity to the Paris 2024 Olympics.
Mandiant points to Chinese-sponsored groups like APT31, APT15, UNC4713, and TEMP.Hex as potential threats to organisations and individuals associated with the event, underscoring the diverse range of state-sponsored cyber actors vying to exploit vulnerabilities in the Olympic ecosystem.