The Paris Olympics 2024 is a high-stakes cyberthreat target, drawing attention from cybercriminals, hacktivists, and state-sponsored actors.
According to a new FortiGuard Labs analysis based on threat intelligence provided by FortiRecon, this year’s Olympics have been a target for a growing number of cybercriminals for over a year. Using publicly available information and proprietary analysis, this report provides a comprehensive view of planned attacks, such as third-party breaches, infostealers, phishing, and malware, including ransomware.
FortiGuard Labs has observed a significant increase in resources being gathered for the Paris Olympic Games, especially those targeting French-speaking users, French government agencies and businesses, and French infrastructure providers. Beginning the second half of 2023, we saw a surge in darknet activity targeting France. This 80% to 90% increase has remained consistent across 2H 2023 and 1H 2024. The prevalence and sophistication of these threats are a testament to cybercriminals’ planning and execution, with the dark web serving as a hub for their activities.
Phishing kits: While phishing is perhaps the easiest form of attack, many low-sophistication cybercriminals don’t know how to create or distribute phishing emails. Phishing kits provide novice attackers with a simple user interface that helps them compose a convincing email, add a malicious payload, create a phishing domain, and procure a list of potential victims. The addition of text-generating AI services has also eliminated the spelling, grammatical, and graphical errors that allow recipients to detect an email as malicious.
The FortiGuard Labs team has also documented a significant number of typosquatting domains registered around the Olympics, including variations on the name (oympics[.]com, olmpics[.]com, olimpics[.]com, and others). These are combined with cloned versions of the official ticket website that take you to a payment gateway where you lose your money and don’t get a ticket. In collaboration with Olympic partners, the French Gendarmerie Nationale has identified 338 fraudulent websites claiming to sell Olympic tickets. According to their data, 51 sites have been shut down, and 140 have received formal notices from law enforcement.
Infostealers: Information stealer malware is designed to stealthily infiltrate a victim’s computer or device and harvest sensitive information, such as login credentials, credit card details, and other personal data. We have also observed that threat actors are deploying various types of stealer malware to infect user systems and obtain unauthorized access. Threat actors and initial access brokers can further leverage this information to execute ransomware attacks, causing substantial harm and financial loss to individuals and organizations.
“The Paris Olympics 2024 is a high-stakes cyberthreat target, drawing attention from cybercriminals, hacktivists, and state-sponsored actors. Cybercriminals are leveraging fake ticketing platforms, fraudulent merchandise, and identity theft tactics to exploit unsuspecting participants and spectators. The main goal is to target infrastructure, media channels, and affiliated organizations to disrupt event proceedings, undermine credibility, and amplify their messages on a global stage. Major events like the Olympics are good reminders that we all need to remain vigilant against cyberthreats. We recommend following best security practices to safeguard yourself and your organization against cyberattacks.” Vishak Raman, Vice President of Sales, India, SAARC, SEA & ANZ at Fortinet.
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.
