SAINT-DENIS, France – Just like the Olympic athletes, the cyber warriors who will be crucial to the success of the Paris Games are in full training for the big event.
They turned to friendly hackers to test their cyber defenses, like boxers using sparring partners to prepare them for a championship fight. They studied and analyzed their opponents’ strengths, tactics, and weaknesses. They could be anyone from flashy teenagers and ransomware gangs to Russian military hackers with a history of malicious cyberattacks.
But unlike the 10,500 Olympians who will converge on the French capital in July, the cybersecurity engineers behind the Games hope to stay out of the spotlight. For them, the equivalent of a medal will be going through the Olympics – and Paralympics – without major incidents. It would mean that its layers of digital defenses would resist attempts to paralyze computer and information systems vital to the Games.
“My dream for the Olympics is that there is no talk about technology and cybersecurity, because that will mean that it will not be a problem,” said Jérémy Couture, who heads the cybersecurity center for the Paris Games organizers. His work detecting, analyzing and responding to cyber threats is so sensitive and critical to the success of the Games that event organizers keep his location secret.
While those responsible for preventing cyberattacks during the Games are unwilling to divulge many details about their work, they have no doubt that malicious hackers will keep them busy this summer. These can range from cybercriminals to rowdy thrill-seeking teenagers to Russian military intelligence agents with a history of damaging cyberattacks.
The objectives are not limited to the Games themselves, but also to essential infrastructure for them, such as transport networks or supply chains.
Attackers may include “hacktivists” seeking to make a political statement and cyberextortionists bent on profit. And often these days, it can be difficult to distinguish a hacktivist from a state-sponsored cyber operator masquerading as one.
Among the most threatening cyber adversaries are countries that may seek to embarrass and cost France and the International Olympic Committee with proven offensive hacking techniques. Russia is at the top of the list of suspects.
Because of Russia’s ongoing war in Ukraine, Olympic organizers have banned it from competing in team events at the Paris Games and will only allow some individual Russians to compete as neutrals. Russia also has problems with France for supplying weapons and military training to Ukraine and because it has become one of Moscow’s fiercest critics in Europe.
Vincent Strubel, who heads France’s national cybersecurity agency, known by its French initials, ANSSI, called the level of cyber threats facing the Games unprecedented.
“There will be cyber attacks during the Games and the Paralympics,” Strubel said at a news conference on Friday. “Some will not be serious. Some will be serious, but will have no impact on the Games. And maybe there are some that are serious and could have an impact on the Games.”
He said the agency has trained “tremendously” and more than ever before, so things will go well. “I think we managed to stay one step ahead of the attackers.”
Although Strubel singled out Russia as one of the actors attacking France “on a somewhat recurring basis,” he said it made no sense to focus on one actor in particular. “We are preparing for anything.”
A particularly aggressive unit of the Russian military intelligence agency GRU, nicknamed Sandworm, is blamed by Western nations for using malware dubbed “Olympic Destroyer” to disrupt the opening ceremony of the 2018 Winter Games in Pyeongchang, South Korea. It is the same unit accused of the so-called cleansing attacks on Ukraine’s power grid and the 2017 NotPetya virus, which caused more than $10 billion in damage worldwide.
Cybersecurity teams in Paris sought to learn from these experiences, consulting with technicians who also worked in Pyeongchang.
Swedish cybersecurity firm Outpost24 largely approved Paris’ preparations in a report this week, but said its research still found gaps in the Games’ online infrastructure. The classification given was “not exactly a gold medal, but certainly a silver”.
“Just as pickpockets and ticket sellers target groups of tourists, cybercriminals will be aware of the increase in online traffic for the Paris 2024 games and hope to profit,” the report said.
___
AP Technology Writer Frank Bajak in Boston contributed.
___
AP Olympics Coverage:
This story originally appeared on ABCNews.go.com read the full story
/cdn.vox-cdn.com/uploads/chorus_asset/file/23318439/akrales_220309_4977_0324.jpg?w=300&resize=300,300&ssl=1)
