Paris 2024 Olympic Games: What cyber challenges lie ahead?

In a hyper-connected world, attracting visibility also means attracting cybercrime.

As the Games approach, cybersecurity issues are more critical than ever. Organisations must anticipate massive attacks, potentially 8 to 10 times more numerous than during the Tokyo Olympics, and prepare accordingly to protect their infrastructure and sensitive data. Discover the cyber challenges facing CISOs and their companies during this Olympic year.

The Olympic Games are the most watched sporting event in the world. They represent a wonderful opportunity to put an entire country in the spotlight by attracting audiences and media from around the world.

In an ultra-connected world, attracting visibility also attracts cybercrime.

This is essentially what Franz Regul, Head of Information Systems Security for the Paris 2024 Organising Committee, said: ‘Today, the entire organisation relies on technology. And wherever there is technology, there are cybersecurity issues and concerns.’

There is little doubt that the Olympic and Paralympic Games will be a playground for athletes, but also for cybercriminals around the world who will turn their attention to France. Contrary to what one might imagine, cyber attackers will not be content to target the event itself, but rather a much broader ecosystem of companies, institutions and individuals.

The volume of attacks is likely to be unprecedented. Experts estimate that we could face cyber threats potentially 8 to 10 times greater than during the 2021 Tokyo Olympics, during which no fewer than 450 million cyber attacks were recorded!

Who will carry out these cyberattacks, for what reasons, and with what means? How can we prepare for them? How can we ensure that we have sufficiently anticipated likely crises… in order to envisage the best possible outcomes?Des cyberattaques menées par qui, pour quels motifs, avec quels moyens ? Comment faire en sorte de s’y préparer ? Comment s’assurer d’avoir suffisamment anticipé de probables crises… pour envisager les meilleures issues possibles ?

A wide range of threats

Attacks for financial gain, hacktivism, destabilisation, espionage… Cybercrime takes many forms and can have various purposes: State groups carrying out destabilisation or sabotage actions for geopolitical purposes; independent groups of attackers with purely financial objectives, acting through phishing and ransomware campaigns; groups of hacktivists – whether or not they are in the pay of states – seeking to get their messages across to the widest possible audience.

Among the well-known cyber threats that we are likely to face during the 2024 Olympic Games are: DDoS attacks, which will certainly be used to disrupt the event; phishing emails, which will largely be contextualised around the Olympic Games; ransomware, which will certainly target companies operating in sensitive sectors or related to the event during the Olympic Games in order to put maximum pressure on their victims to obtain ransom payments; and website defacement by state or non-state hacktivists to promote ideological messages, propaganda, etc.

These are all formidable scenarios, and it is important to be prepared for them.

Like athletes, businesses need to train

Athletes train for months to be ready for the big day. For businesses, the metaphor is significant: they must not suffer or be overwhelmed when an attack occurs, or when a suspected breach or data exfiltration occurs. But are they as well prepared as our athletes?

During a cyberattack, time management becomes crucial, as the infection and its effects spread rapidly. Often, companies waste considerable time identifying and mobilising the right people, hindering their ability to make the right decisions quickly.

In the event of a cyber crisis, it is essential to have a crisis management team ready to respond. The first step in cyber crisis management training is to define the ‘core team’ or crisis unit, which will need to be assembled to organise and manage the crisis.

The core team and substitutes

The typical team is therefore the crisis unit (the core team) ready for action. Although this may vary depending on the company’s activities and structure, a typical team always emerges. It generally consists of the crisis manager, a crisis secretary (responsible for keeping a logbook recording the history of crisis management) and finally the key departments: Communications, HR, Finance, IT, not to mention the legal manager and the DPO, if there is one.

The replacements are not simply stand-ins; they play a crucial role. When they come into play, they bring additional expertise, cover a broader spectrum, or provide continuity during holidays or periods of unavailability. This means that its members (e.g. the sales director, operations directors and subsidiary or factory directors when involved, etc.) must be trained in the same way and be able to be mobilised quickly to take over.

The importance of training in real-life conditions

Once the team has been formed, it must have a game plan, otherwise known as a cyber crisis management plan (CCMP). This plan outlines the steps to be taken in the event of a cyberattack, whether from a governance perspective (who are the members of the unit, how to communicate continuously, make quick decisions, etc.), internal and external communication, organisational (operating without the Internet, without network access, working remotely or, conversely, requiring work to be done exclusively on site, etc.) and technical (system restoration and data recovery, etc.).

This strategic game plan for managing a cyber crisis must be regularly tested and revised to ensure its effectiveness and adapt to rapid changes within the company (employees, managers, tools, the company when it makes acquisitions, when it opens factories, new offices and subsidiaries, etc.). All of these developments increase the attack surface and make it more complex to respond to a cyberattack. With a well-designed crisis management plan, everyone knows their role, the rules and the right reflexes to act quickly.

A cyberattack is like a match or a competition. Preparing your team, understanding roles and mentally preparing for the situation will help you manage the pressure and limit the impact of the attack on your organisation, employees, customers and core activities. A cyberattack puts companies and their employees under extreme stress and uncertainty: it is therefore essential to train using role-playing, i.e. by simulating a realistic attack scenario (with simulated scenarios involving social engineering, intrusion, information system unavailability, data exfiltration, disinformation on social media, etc.). This empirical approach makes it possible to assess the company’s level of preparedness and improve emergency management processes.

Of course, the analogy with sport has its limits. The crisis management team does not need daily or weekly training. Exercises carried out every 6 to 12 months help to keep the team motivated and ensure that all its members are prepared and informed.

Advancing organisational resilience

The Olympic Games are a highlight of 2024, a critical year for the cybersecurity of French companies. New regulations such as DORA and NIS 2 are signs of a digital transformation that is continuing at high speed, bringing with it its share of threats and attacks. Accepting cyber risk means preparing for it: like athletes, let’s train to be ready and not fail on the day of the event.

Knowing how to deal with cyberattacks does not earn you a medal, but it can save your company from serious economic and reputational consequences. It is by training ourselves in cyber crisis management that we will know how our resilience is progressing. The benefits in terms of peace of mind, confidence and cohesion within organisations will be the just rewards.

Article written by IT for Business.