France’s cyber security agency, Anssi, maintained a heightened state of alert during the Olympic Games in Paris, monitoring for potential cyberattacks that could disrupt various operations, including ticketing and transport. Between July 26 and August 11, Anssi documented a total of 119 low-impact “security events” and 22 incidents where malicious actors successfully breached information systems. These attacks predominantly targeted government entities and key infrastructure sectors such as sports, transport, and telecommunications.
Anssi reported that approximately one-third of these incidents resulted in downtime, with around half caused by denial-of-service attacks intended to overwhelm servers. Other incidents involved attempted or actual compromises and data disclosure. Overall, the agency characterized these cyber events as low impact, indicating that while they were notable, they did not significantly disrupt Olympic operations.
Despite the proactive measures, the Grand Palais, which hosted some Olympic events, along with around 40 museums in France, fell victim to a ransomware attack in early August. Fortunately, this incident did not affect any of the information systems related to the Games. Ransomware attacks, which encrypt and block access to computer systems while demanding a ransom, are a growing concern, particularly in the context of high-profile events.
Leading up to the Olympics, Marie-Rose Bruno, the director of technology and information systems for the Paris Games, had anticipated a substantial increase in cyber threats, estimating that the Games would experience eight to ten times more cyberattacks than the Tokyo Olympics in 2021. In that event, organizers reported around 450 million cyber operations, illustrating the evolving and escalating nature of cyber threats in the context of global sporting events.
Reference:
