Major sporting events like the World Cup, Super Bowl, and Wimbledon attract millions, even billions, of viewers. Argentina’s shootout win over France in the final game of the Qatar 2022 World Cup reached a global audience of 1.5 billion viewers. And the Olympics, starting later this month in Paris, is the biggest of them all—with the 2020 Tokyo Olympics having attracted a worldwide audience of over 3 billion viewers.
These events are also prime opportunities for cybercriminals. Over the past decade, the number of cyberattacks targeting major events has surged, increasing from 212 million documented attacks at the London 2012 Games to a staggering 4.4 billion at the Tokyo 2020 Games. These attacks often have direct financial motives, such as scams, digital fraud, or the acquisition of valuable data from attendees, viewers, and sponsors. In their excitement, eager fans often overlook potential risks when purchasing tickets, arranging accommodations, or buying memorabilia, making them easy targets for cybercriminals.
Also read: Four Common Ways Cybercriminals Leverage ML to Launch an Attack
Others, desperate to view specific events, are enticed by malicious websites offering free access, only to have their devices compromised or personal data stolen. And with the world’s media focused on the event, criminals with a political agenda are looking for a large audience for their message by disrupting a significant site or knocking critical services offline.
Threat Actors Targeting the Paris 2024 Games
According to a new FortiGuard Labs analysis based on threat intelligence provided by FortiRecon, this year’s Olympics have been a target for a growing number of cybercriminals for over a year. Using publicly available information and proprietary analysis, this report provides a comprehensive view of planned attacks, such as third-party breaches, infostealers, phishing, and malware, including ransomware.
FortiGuard Labs has observed a significant increase in resources being gathered for the Paris Olympic Games, especially those targeting French-speaking users, French government agencies and businesses, and French infrastructure providers. Beginning the second half of 2023, we saw a surge in darknet activity targeting France. This 80% to 90% increase has remained consistent across 2H 2023 and 1H 2024. The prevalence and sophistication of these threats are a testament to cybercriminals’ planning and execution, with the dark web serving as a hub for their activities.
Also read: With Businesses Moving to the Cloud, Cybercriminals Keeping a Close Look
Hitting Critical Mass on Stolen Personally Identifiable Information
Documented activities include the growing availability of advanced tools and services designed to accelerate data breaches and gather personally identifiable information (PII), the sale of stolen credentials and compromised VPN connections to enable unauthorized access to private networks, and advertisements for phishing kits and exploit tools customized for the Paris Olympics. It also includes the sale of French databases that contain sensitive personal information, such as full names, dates of birth, government identification numbers, email addresses, phone numbers, residential addresses, and other PII, as well as combo lists (a collection of compromised usernames and passwords used for automated brute-force attacks) composed of French citizens.
Hacktivist Activity Spiking
Given that Russia and Belarus are not invited to this year’s games, we have also seen a spike in hacktivist activity by pro-Russian groups—like LulzSec, noname057(16), Cyber Army Russia Reborn, Cyber Dragon, and Dragonforce—that specifically call out that they’re targeting the Olympic games. Groups from other countries and regions are also prevalent, including Anonymous Sudan (Sudan), Gamesia Team (Indonesia), Turk Hack Team (Turkey), and Team Anon Force (India).
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
