As the Paris 2024 Olympics approach, the excitement is palpable. Athletes from around the globe are gearing up to compete for gold, and behind the scenes, cybersecurity teams are preparing for their own version of the games. Just like athletes, CISOs and their teams must train, strategize and stay sharp to ensure a safe and secure event.
In 2022, the Supreme Committee for Delivery & Legacy partnered with Palo Alto Networks Unit 42 to secure the football World Cup in Qatar. The event's global scale made it a high-priority target for ransomware, state-sponsored attacks and threat actors looking to disrupt the games. Ensuring smooth operations during the event required thorough cybersecurity preparation and was crucial in maintaining a secure environment amidst the heightened cyberthreat landscape. We carried forward these experiences when introducing the Unit 42 Paris 2024 Cyber Vigilance Program.
Choose the Right Coach
Every great athlete has a coach, and for the Paris 2024 Games, Unit 42 was the cybersecurity coach for many organizations through the Unit 42 Cyber Vigilance Program. This invitation-only program delivers advanced threat intelligence, real-time threat monitoring and incident response expertise to help ensure a safe and secure experience while providing a blueprint for CISOs to secure their organizations against emerging cyberthreats.
The program delivers:
- Threat Intelligence – Unit 42 gathered global threat intelligence and delivered the Cyberthreats to Paris 2024 Threat Report to stay ahead of potential threats, ensuring they know their opponent’s likely moves before they make them.
- Crisis Simulations – Just as practice makes perfect, the Unit 42 team hosted CISOs for a day of scenario-based simulations, derived from recent cyber incidents, ensuring they were well prepared to navigate security challenges that they could potentially face.
- Incident Response – All participants were provided with a Unit 42 Incident Response Retainer. In addition, Unit 42’s incident response team will be on ready-standby to respond if any malicious activity occurs that requires additional expertise.
- Continuous Monitoring – Unit 42 will have a Special Operations Room in Paris, staffed with Incident Response and Threat Intelligence experts that will continue monitoring threats in real-time and providing updates to program members.
Understand Your Competition
Just as athletes must thoroughly understand their competition to prepare effectively, organizations supporting the Paris 2024 Olympics must recognize and mitigate these cyberthreats to ensure the event's success. The Unit 42 report on Cyberthreats to the Paris 2024 Olympics highlights the various risks that could disrupt the event:
- Financially Motivated Cybercrime – Financially motivated crime is likely to present the highest and most sustained threat throughout the event, with cyber-enabled fraud being a particularly prevalent means to obtain illicit funds from enterprises and individuals alike. While ransomware operators are less likely to target the Olympics directly, an attack on a widely used third party could cause significant disruption to the Games or local services.
- Cyber Disruption by State-Sponsored Actors & Hacktivists – Politically motivated digital sabotage by both state-sponsored threat actors and hacktivists is likely a top concern, given previous incidents at past games. There is a high potential for geopolitical tensions surrounding the event and the ability for such a virtual attack to cause severe disruption or even physical harm. Russian-aligned cyberthreat actors remain a particular concern in this area.
- Espionage – Cyber Espionage, although less overt, remains a concern, particularly regarding state-sponsored threats conducting digital surveillance on dissidents, activists or persons of interest.
Preparation — the Key to Success
No athlete should jump into competition without a proper warm-up, and no CISO should approach a major event without thorough preparation. Cyberthreats don’t stretch or jog, but they certainly can cause pain if you're not properly prepared. With its global attention, the Paris 2024 Olympics is a prime target for cybercriminals.
CISOs and their teams play a pivotal role in safeguarding the integrity and success of such high-profile events. To enhance preparedness and resilience, ensure the safety of critical services and protect sensitive assets during the Olympics, CISOs should take specific precautions:
- Deploy Advanced Threat Detection Solutions – Identify and block intrusion activities and conduct regular training and simulation exercises for incident response teams to ensure preparedness.
- Ensure Complete Visibility of Your Attack Surface – 75% of ransomware attacks and breaches fielded by Unit 42’s Incident Response Team result from a common culprit – internet-facing attack surface exposure. Deploying solutions that provide centralized, near real-time visibility can help organizations identify and mitigate vulnerabilities before they can be exploited.
- Monitor Abnormal Activity – Strengthen monitoring systems to detect and respond to suspicious activities in real-time. Don’t forget to monitor for unusual access to your cloud environments, as threat actors are increasingly exploiting them.
- Protect Your Supply Chain – Prevent vendor cybersecurity gaps from disrupting operations and impacting your operations. Regularly audit and monitor cybersecurity practices of vendors to ensure they comply with security standards and are not vulnerable to exploitation.
- React Quickly – Moving quickly to address security alerts can significantly limit damage. Security teams take an average of about six days to resolve a security alert, and over 60% of organizations take longer than four days to resolve security issues. Establish communication channels with relevant stakeholders, including government agencies, law enforcement and other organizations involved in the event, and participate in threat intelligence sharing initiatives to stay informed about emerging threats and best practices.
- Maintain an Incident Response Plan – Develop and regularly update incident response plans tailored to the specific threats identified in the report. Organizations that continuously review, update and test their incident response plans (ideally with input from cybersecurity experts) are much more likely to respond effectively to and contain an active attack.
Let the Games Begin
The countdown to Paris 2024 has begun and so has the urgency to bolster cyber defenses. The Unit 42 Paris 2024 Cyber Vigilance Program stands as a testament to the power of proactive cybersecurity strategies in protecting global events. Whether protecting a global event or ensuring smooth operations during “normal” conditions, by learning from past experiences and implementing cutting-edge security measures, CISOs can help ensure their organizations are well prepared to face the challenges ahead.
For more information about Unit 42, please visit the Unit 42 page, and for the latest threat intelligence, go to our Unit 42 Threat Research page.