Web applications and other internet-connected assets associated with the 2024 Summer Olympics in Paris appear to be better protected from cyber-attacks than previous major sporting events such as the 2022 FIFA World Cup in Qatar .
However, given the significant interest in this event from hacktivists, cybercriminals, nation-state groups, and other threat actors, several gaps remain that could be problematic. For example, during the Olympics to be held in Japan in 2021, such a malicious actor will launch an astonishing 450 million attacks against his infrastructure online related to the Olympics. did.
Alarming Olympic security gap
Outpost24 researchers We recently mapped our entire internet-facing footprint Something related to the 2024 Olympics. This includes investigating all domains, subdomains, hosts, web applications, and third-party cloud resources. Their assessment found that the Olympic external attack surface was less susceptible to compromise compared to what was found when they conducted a similar assessment before the 2018 FIFA World Cup soccer match in Russia. It was concluded that it is safer than
Gaps they found in Olympic's infrastructure included several open ports, SSL misconfigurations, security header issues, domain squatting, and privacy issues such as cookie consent violations. Stijn Vande Casteele, his CSO for Outpost24's external attack surface management group, said this issue gives attackers an opportunity to penetrate attack surfaces that appear to be relatively well protected. says.
For example, if an attacker finds a website that returns a 404 error indicating an expired certificate or a broken URL, they might enumerate other flaws.
“The lack of control over basic IT and cyber hygiene has been highlighted [of attackers] Similarly, the domain occupancy issue discovered by Outpost24 could portend an increase in Olympic-themed phishing campaigns due to credential theft and other malicious reasons.
“The Olympics are a high-profile event and the biggest sporting competition in the world,” Vande Castile said. This makes it a big target for attackers. “As an organization, we want to thwart their actions by operating a secure and highly secure digital footprint.”
According to Vande Casteele, the Paris 2024 Olympic organization operates over 700 domains and over 800 external web applications residing on over 16 different cloud providers. Currently, the systems connected to the game span his nine countries in the EU, Asia, and North America.
”[Given] “Staying on top of all the variability and dynamic characteristics of an attack surface of this complexity is a real challenge for organizational risk and security stakeholders,” he says.
Cyber is the biggest concern
Cybersecurity has become a top concern among French Olympic officials, as well as organizers of other major sporting events. super ball.
In recent articles, politiko ANSSI, France's main cybersecurity agency, said it started preparing for the event two years ago, carrying out extensive penetration testing and awareness campaigns, among other things. The head of ANSSI told Politico that the goal is not to block 100% of the attacks that are certain to occur at the start of the tournament, but to block most of them. Authorities do not want a repeat of what happened during the 2018 Winter Olympics in Pyeongchang, South Korea, when suspected Russian attackers used a malware tool called “.olympic destroyer” Massively disrupt Wi-Fi and other communication services during the opening ceremony.
There is also concern about the threat of organized terrorism and cyberattacks aimed at destroying critical security and surveillance systems around the Games. During the 2021 Tokyo Olympics, threat actors launched a staggering 450 million attacks against various Olympic-related targets.in the comments to new york times Earlier this month, Olympic cybersecurity chief Franz Regl said his team expected to face between eight and 12 times that number of attempts at this year's Olympics.
As part of preparations for the attack, Regulu's team has conducted a number of wargames in collaboration with technology partners and analysts from the International Olympic Committee. It has also introduced a bug bounty program to reward researchers who discover exploitable vulnerabilities in the technology infrastructure supporting the tournament, the Times reported.
Diversity, sophistication and sustainability
No one knows how effective these measures will be once the Olympics begin. Steven Baer, vice president of field sales and services at NetWitness, said his team has developed a course of action and attack kill chain to stop and contain known threats when they occur. I fully expect it to be implemented. Their threat intelligence efforts will likely be focused on new emerging trade technologies, Baer says, and incident response teams will be on standby and ready to take action if necessary. . 2022 FIFA World Cup Soccer Match In Qatar.
“We expect the cybersecurity threats targeting the 2024 Paris Olympics to be diverse, sophisticated, and persistent,” Baer added. “We expect cyberattacks aimed at stealing sensitive data, destroying critical infrastructure, disrupting business operations, extorting money, and spreading propaganda and misinformation.
“The Olympics are a prime opportunity for cybercriminals, nation-state actors, hacktivists, and terrorists to exploit vulnerabilities in a high-profile event that draws audiences around the world.”
Geopolitics is another factor, Vande Castile said. The Israeli-Palestinian conflict and the war between Russia and Ukraine are both likely to influence the nature of the threat posed to the Games by state-sponsored cyber actors. “For example, it is worth highlighting that Russia has been banned from participating in the Games, which inherently poses a serious threat to the host country and the Olympic organization.” [infrastructure]” says Vande Castile.
Phishing campaigns targeting the general public, DDoS attacks against organizations, and espionage against prominent individuals and organizations are also common during high-profile events like the Olympics, he said. “One thing is certain: these events expand the attack surface and provide the perfect timing for attacks, whether politically or economically motivated.”
Vande Casteele likens the challenges of securing the ever-changing digital footprint of the Olympic Games to building and securing a giant house in a relatively short period of time.
“Every day new floors are added and windows and doors are built,” he says. “There are so many different people involved that after a while there is a lack of oversight and you forget how many windows and doors there are.”
