Darkweb shows cybercriminals ready for Olympics

The content originally appeared on: Jamaica News Loop News

Organisations and individuals attending the Olympic Games must be aware of heightened cyberthreats. Major sporting events, like the Olympics, present prime opportunities for cybercrime due to their huge viewership.

Over the past decade, the number of cyberattacks targeting major events has surged, increasing from 212 million documented attacks at the London 2012 Games to a staggering 4.4 billion at the Tokyo 2020 Games.

Attacks often have direct financial motives, such as scams, digital fraud, or the acquisition of valuable personal data from attendees, viewers, and sponsors. FortiGuard Labs, part of the wider Fortinet group of companies, published a new analysis based on threat intelligence provided by FortiRecon, which shows that this year’s Olympics has been a target for a growing number of cybercriminals for over a year. 

Using publicly available information and proprietary analysis, this report provides a comprehensive view of planned attacks, such as third-party breaches, infostealers, phishing, and malware, including ransomware.

FortiGuard Labs has observed a significant increase in resources being gathered leading up to the Paris Olympic Games, especially those targeting French-speaking users, French government agencies and businesses, and French infrastructure providers. These attacks will not only affect French nationals, but also visitors and those watching from abroad.

“What we have noticed is that, in their excitement, eager fans often overlook potential risks when purchasing tickets, arranging accommodations, or buying memorabilia, making them easy targets for cybercriminals. Others, desperate to view specific events, are enticed by malicious websites offering free access, only to have their devices compromised or personal data stolen. And with the world’s media focused on the event, criminals with a political agenda are looking for a large audience for their message by disrupting a significant site or knocking critical services offline,” shared FortiGuard Labs, of Fortinet.

FortiGuard Labs added that, since the second half of 2023, it has seen a surge in darknet activity targeting France. “This 80% to 90% increase has remained consistent across the second half of 2023 and first half of 2024. The prevalence and sophistication of these threats are a testament to the planning and execution of cybercriminals, with the dark web serving as a hub for their activities.”

Documented activities include the growing availability of advanced tools and services designed to accelerate data breaches and gather personally identifiable information (PII), such as full names, dates of birth, government identification numbers, email addresses, phone numbers, residential addresses, and others. There has also been a rise in dark web advertisements for phishing kits and exploit tools customised specifically for the Paris Olympics.

Given that Russia and Belarus are not invited to this year’s games, the team have also seen a spike in hacktivist activity by pro-Russian groups—like LulzSec, noname057(16), Cyber Army Russia Reborn, Cyber Dragon, and Dragonforce—that specifically call out that they’re targeting the Olympic games. Groups from other countries and regions are also prevalent, including Anonymous Sudan (Sudan), Gamesia Team (Indonesia), Turk Hack Team (Turkey), and Team Anon Force (India).

The FortiGuard Labs team has also documented a significant number of typosquatting domains registered around the Olympics that could be used in phishing campaigns, including variations on the name (oympics[.]com, olmpics[.]com, olimpics[.]com, and others). These are combined with cloned versions of the official ticket website that take you to a payment platform where, once payment is processed, you don’t get a ticket, and your money is stolen.
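One way a defender watching new domain registrations or DNS logs could flag lookalikes like those listed above, as an added example that is not FortiGuard Labs code. The distance threshold, the simple label extraction and the `.example` entries are assumptions made for illustration.

```python
"""Flag domains whose name is a near-miss of a protected brand label."""

BRAND = "olympics"
MAX_DISTANCE = 2  # assumption: tune to brand length and false-positive tolerance

# Defanged names quoted in the article, plus constructed entries (marked).
SAMPLE_DOMAINS = [
    "oympics[.]com",
    "olmpics[.]com",
    "olimpics[.]com",
    "olympics.com",      # constructed: exact brand label, not a lookalike
    "olypmics.example",  # constructed: adjacent-letter swap
    "weather.example",   # constructed: unrelated name
]


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: edits plus adjacent transpositions."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Two adjacent characters swapped counts as a single edit.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def brand_label(domain: str) -> str:
    """Refang, normalise, and return the label left of the TLD.

    Assumption: single-label TLDs; use the Public Suffix List in production.
    """
    labels = domain.replace("[.]", ".").lower().strip(".").split(".")
    return labels[-2] if len(labels) >= 2 else labels[0]


def find_lookalikes(domains, brand=BRAND, max_distance=MAX_DISTANCE):
    """Return (domain, distance) for near-misses; exact matches are skipped."""
    hits = []
    for domain in domains:
        distance = osa_distance(brand_label(domain), brand)
        if 0 < distance <= max_distance:
            hits.append((domain, distance))
    return hits
```

Edit distance catches dropped, substituted and swapped letters; names that add words around the brand (ticket or city keywords, for instance) need a separate substring or keyword rule.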

In collaboration with Olympic partners, the French Gendarmerie Nationale (one of France’s two national law enforcement services) has identified 338 fraudulent websites claiming to sell Olympic tickets. According to their data, 51 sites have already been shut down, and 140 have received formal notices from law enforcement. 

FortiGuard Labs strongly urges device users to install endpoint protection on all devices, take extra care when connecting to public wireless networks, and use SASE services to encrypt their traffic.

FortiGuard Labs also recommended best security practices to safeguard individuals and organisations against cyberattacks: employee and user training and awareness, public awareness campaigns, protecting sensitive data, monitoring the external attack surface, enforcing multi-factor authentication and strong password policies, and user endpoint protection.

In addition to celebrating athleticism and sportsmanship, the Paris Olympics 2024 is a high-stakes target for cyberthreats, drawing attention from cybercriminals, hacktivists, and state-sponsored actors. Cybercriminals are leveraging phishing scams and fraudulent schemes to exploit unsuspecting participants and spectators. Fortinet also anticipates increased targeted attacks against VIPs, including government officials, senior executives, and key decision-makers, and additional precautions should be taken.