News

Healthcare institutions: what are the challenges of cyber claims during the Olympic Games?

15 July 2024

Healthcare institutions: cyber challenges during the Olympics

It’s not just the athletes who are preparing for the Olympic Games. Indeed, healthcare institutions are likely to find themselves on the front line of the cyber threats that could characterize the Olympic period.

According to official figures from the Paris City Hall, more than 16 million visitors are expected for this exceptional sporting event. The massive influx of visitors is an additional challenge for an already tested health system that is vulnerable to cyber risk, but also a challenge for France’s international image .

Faced with this exceptional situation, cyber crisis management is proving to be a major challenge for healthcare institutions in the regions concerned by the Olympic Games. Implementing rapid response protocols, raising awareness and training of staff, collaboration with health agencies and local authorities are among the essential measures to maintain continuity of care in the event of an incident.

How are hospitals prepared for these incidents in the context of the Olympic Games? Why is the healthcare sector attractive to cyberattackers, especially during this time? What cyber threats are likely to target healthcare facilities? What are the prospects for insurers? This article aims to provide an answer to these questions, a few days before the opening ceremony of the Paris Olympic Games.

During the round table that we moderated with Alcyconie, Sekoia.io and Filigran on the cyber issues related to the Olympic Games, the issue of healthcare institutions was addressed by Stéphanie Ledoux (CEO of Alcyconie – a company specialising in cyber crisis management) and by Alexandre Dieulangard (Co-founder and COO of Citalid). This article is based on the perspectives they shared during this exchange (full replay here).

In addition, our team of Cyber Threat Intelligence experts recently published a report on the state of the threat targeting public and private healthcare institutions in France, Germany, Italy and Spain. This publication is valuable for better understanding cyber threats and making informed decisions to act on cyber risk.

Health and digital: what are the particularities?

Over the past decade, digital technology has become essential in the care pathway, including making appointments, consulting test results and using connected medical technologies. This transformation offers various advantages, such as the reduction of medical deserts, a reduction in waiting times and better administrative management of patients.

However, this digitalization also creates increased vulnerabilities that can be exploited by cyberattackers. The interconnection of hospital information systems, the diversity of software and connected objects, as well as the shortage of technical staff complicate data security. Healthcare providers often lack cybersecurity training, and budget constraints and the use of shadow IT exacerbate these vulnerabilities.

Healthcare facilities are part of a complex supply chain, with many external providers bringing their own vulnerabilities. Cyberattacks can come from service providers not directly interconnected with hospitals, such as catering providers. Managing these external risks is a challenge for insurers and healthcare institutions, due to the complexity of contracts and the number of suppliers involved. Hospitals developing IT solutions for other facilities can also become vectors for cyberattacks, further complicating cybersecurity management.

Ransomware, data extortion, DDoS: what cyber threats can we expect?

Because of their international reach, the Olympic Games are a prime time for cyberattackers, who may be tempted to take advantage of the influx of foreign visitors and the media coverage of the event to attack critical infrastructure. Healthcare establishments are therefore not exempt from cyber risk during this very special period.

“Hospitals remain a target of opportunity for many IT attackers,” says Alexandre Dieulangard. A number of attack modus operandi (MOA) are motivated by the lure of profit related to the value of sensitive data that is collected by hospitals. The most likely attacks on healthcare facilities during the Olympic period are ransomware, data extortion and DDoS – attacks that can combine with each other to increase the level of pressure on the facilities that fall victim to them.

What do these attacks have in common? They rely on two levers characteristic of healthcare institutions to achieve their final profit objective:

  • The need to maintain continuity of care for the well-being of patients;
  • The potential harm to patients if their health data is disclosed.

In the context of the Olympic Games, Alexandre Dieulangard also believes that there is a risk that these attacks will be instrumentalised for disinformation purposes by actors who would seek to degrade the image of France as a host country.

As part of the round table, he mentioned the potential of a scenario of massive leakage of health data: “In this case, we are sure that propaganda networks would amplify and highlight the fact that France is not able to protect its own population and the tourists present. This disclosure scenario would be critical insofar as other cybercriminals will not hesitate in the days following the publication of this sensitive data to extort the patients mentioned in the databases.”

During the Olympic period, a “domino effect” is therefore to be expected in the event of a cyberattack on one or more health facilities, with cyberattackers with lucrative and ideological motivations.

How is the hospital sector prepared for the Olympic period?

“The worst-case scenario would be to have the IT resources that completely fail us in a hospital, but quite sincerely, the Olympic Games have allowed us to raise the level of security of our hospitals,” reassures Frédéric Valletoux, Minister of Health in an interview with Le Parisien.

Unfortunately, French healthcare institutions did not wait for the Olympic Games to be targeted by cyberattackers and the authorities have already become aware of the ability of computer incidents to alter the continuity of the care pathway. Also, in 2023, the Ministry of Health and the Regional Health Agency (ARS) set up the CaRE ( Cybersecurity Acceleration Resilience of Establishments) programme, aimed at protecting establishments from the cyber threat. This can be summarized in 4 points:

  • Structuring cybersecurity governance in the healthcare sector;
  • Encourage the development of the cyber service offer;
  • Provide the necessary educational resources to management, CISOs and CIOs to raise awareness of cybersecurity among staff;
  • Improve the operational security of institutions.

In concrete terms, this program has resulted in an intensification of cyber incident training within hospitals. During our round table dedicated to the issue of the Olympic Games, Stéphanie Ledoux spoke about the situation of health facilities, on the front line in the smooth running of this sporting event with a global scope: “Training was an obligation for them in 2023-2024, but there is additional cyber training for the establishments located in the regions that will host the Olympics. (…) We can be reassured: the staff of health establishments are part of this type of actor who knows how to manage emergencies and complex situations.”

Apart from this programme, the ARS also has a CERT Santé, a support service for the management of cyber threats. Its mission is to support health and medico-social establishments in the management of information systems security incidents, while ensuring prevention and warning against cyber threats. It provides recommendations to minimize the impact of cyberattacks through various educational and awareness-raising content. It therefore helps to strengthen collective resilience against cyber threats, which can lead to declines in healthcare activity, financial losses and an impact on trust in the healthcare system.

What does the risk of multiple attacks on the healthcare sector represent for cyber insurers?

First of all, it is important to note that many insurers do not want to insure healthcare establishments, and more particularly hospitals because they are considered too risky. Various factors explain this positioning, but we can remember in particular:

  • A loss frequency perceived as too high, due to a high volume targeting and resilience considered too low by insurers.
  • This potential increased severity, particularly in the context of ransomware attacks or data disclosures.

Therefore, we must ask ourselves the question of the very existence of a significant impact on the insurance market of a multiplicity of claims in this sector. The general insurance penetration rate in France is relatively low, with a premium volume collected of less than €350 million according to the Lucy report – 2024 edition produced by AMRAE.

Thus, the risk represented varies according to the composition of the portfolio of insurers who are still seeking to perfect the principle of risk pooling. But we can roughly distinguish two scenarios:

The first is the portfolio of a general insurer that covers a multitude of sectors, including healthcare facilities. The impact on its portfolio depends above all on the intensity of the claims if we consider that the share of this sector in its portfolio remains marginal.

The second is the portfolio of a specialist insurer where healthcare establishments occupy a significant or majority part of its portfolio of policyholders. So the impact on your portfolio of a risk of multiple attacks can be much greater in terms of the frequency, but also the potential severity of the claims. At the level of a sector, and if a multitude of health actors have common economic, logistical or technological links, then we could consider this type of scenario to be a disaster scenario like natural disasters (Cat Nat. or Cat Cyber.)

In conclusion, the period of the Olympic Games represents a considerable challenge for healthcare institutions in France, both from the point of view of cybersecurity and the management of the massive influx of visitors. The digitalization of the healthcare sector, while it has brought many benefits, exposes hospital systems to increased vulnerabilities that can be exploited by cyberattackers. They see this global event as an opportunity to carry out lucrative and potentially destabilizing attacks, targeting both critical infrastructure and sensitive patient data.

However, initiatives such as the CaRE programme show that health authorities and institutions are aware of these threats and are actively working to build their resilience. Intensified cybersecurity training, governance structuring and the development of cyber services are all helping to prepare hospitals for the cyber challenges of the Olympic period.

It is crucial for healthcare institutions to maintain this vigilance and continue to invest in cybersecurity, not only to protect continuity of care, but also to preserve France’s image on the international stage. The collaboration between the authorities, cybersecurity experts and hospital staff will be decisive in ensuring the safety and serenity of all during this exceptional event.

Article written by the Citalid teams.

Information systems security (PACS) support and consulting provider qualified by the ANSSI.

Dive into our case studies

See the case studies

Contact us

Want to know more? To be contacted again? Click here!

See the training

Our news

Alcyconie in the press

View All

Read the article

Resilience in the era of AI: the delicate art of balance - Maddyness
Press

Resilience in the era of AI: the delicate art of balance - Maddyness

4 December 2025

Read the article

When cognitive psychology sheds light on cyber crisis management
Blog

When cognitive psychology sheds light on cyber crisis management

6 November 2025

Read the article

Ransomware, Confusion, and Critical Decisions: A Cyber Crisis Simulation Autopsy - Alliancy
Press

Ransomware, Confusion, and Critical Decisions: A Cyber Crisis Simulation Autopsy - Alliancy

1 September 2025

Suspicion of crisis? Alert our teams!