By Brian Pinnock, vice president of sales engineering at Mimecast

he World Economic Forum expects the 2024 Olympic Games in Paris to attract 15 million spectators, welcome to attend events for the first time since 2020, spending around 11 billion duro in a coliseum for cyberattacks.

Prime target for cybercriminals

Cybercriminals constantly stalk large gatherings – the Olympic Games is not immune to their attacks. With a massive inflow of trade and data in one location, it is an attractive target for bad actors. During the 2021 Olympic Games, Japan suffered almost 450 million attempted cyberattacks in two weeks. The International Olympic Committee expects cyberthreats to increase tenfold this year. Experts predict more than four billion cyberattacks compared with 450 million in 2021.

Indeed, as the Olympics is among the most high-profile events in the world, visitors are prime targets for hackers who find opportunities for massive gains in such high-visibility platforms. With France at centre stage while geopolitical conflicts rage around the world, the Olympics will be targeted by state-sponsored hackers who would like to see the event fail.

Attacks can take many forms: from fake rental adverts to the sale of counterfeit bank notes. Monitoring scams, the French Ministry of the Interior’s cybercrime investigators have identified over 80 fraudulent sites offering fake tickets for sale (40 have been shut down). Another major vulnerability is in the distribution of tickets by e-mail with QR codes subject to squishing (a phishing method used by cybercriminals to redirect their victims to fraudulent links via a QR code). This fast-growing method of cyberattack proves that attackers are constantly seeking new ways to deceive users and circumvent security measures. The Olympics is also an excellent opportunity for cybercriminals to cause major damage by exploiting its high media profile with a concentration of sensitive data and technological infrastructures.

The human factor at the heart of information security

The cybersecurity of the government-sponsored Olympics cannot rest on the shoulders of a single entity. In a world with 99% of technologies emanating from the private sector, collaboration is essential.

The cybersecurity of state institutions is not necessarily cause for concern. The organisers of the Olympics are vulnerable without experienced people recognising cybersecurity threats. As such, cybersecurity depends on individual responsibility reinforced by a collective global approach.

E-mail security is crucial as this is the primary communication channel. It is imperative to reinforce defences at individual level. An attack is created at the lowest common denominator: for the Olympics, this means every person involved in the event. With thousands of people employed temporarily, awareness and protection of each person’s data systems is essential. It is crucial to adopt a collective approach, promoting information sharing and team spirit. The fight against cybercrime is like rugby: a combat sport with invaluable collaborative methods to defeat opponents.

Against efforts to anticipate and manage attacks, cybercriminals are redoubling their efforts to achieve their goals. During the 2018 Olympics in South Korea, several cyberattacks were recorded – the most notable was the “Olympic Destroyer” attack, which disrupted the opening ceremony by targeting IT systems with impact on the internet network, television broadcasting and ticket management. This incident highlighted the vulnerability of sports events to cyberattacks and underlined the growing importance of cybersecurity.