With the Paris 2024 Olympics just around the corner, cybercriminals are gearing up for what could be a record-setting wave of cyberattacks. Major sporting events like the World Cup, Super Bowl, and Wimbledon have always attracted millions of viewers and cybercriminals alike, but the stakes are higher than ever. The Tokyo 2020 Olympics saw a staggering 4.4 billion cyberattacks, up from 212 million during the London 2012 Games. This trend continues as the Paris Games draw closer, with FortiGuard Labs reporting an alarming increase in cybercriminal activity targeting the event.
Rise in Cyber ThreatsAccording to FortiGuard Labs, there has been an 80% to 90% surge in darknet activity targeting French organizations since the second half of 2023. This uptick is attributed to the upcoming Olympics, with cybercriminals increasingly focusing on French-speaking users, government agencies, businesses, and infrastructure providers. The dark web serves as a hub for these malicious activities, with significant resources being amassed to exploit the global event.
Targeted Attacks and MethodsFortiGuard Labs’ analysis reveals various planned attacks, including third-party breaches, infostealers, phishing, and ransomware. Threat actors are particularly interested in stealing personally identifiable information (PII), with advanced tools and services being sold to accelerate data breaches. These tools include stolen credentials, compromised VPN connections, phishing kits, and exploit tools customized for the Paris Olympics. French databases containing sensitive information like full names, dates of birth, government identification numbers, email addresses, phone numbers, and residential addresses are being traded on the dark web.
Hacktivist ActivityHacktivist groups, especially pro-Russian entities such as LulzSec, noname057(16), Cyber Army Russia Reborn, Cyber Dragon, and Dragonforce, have announced their intentions to target the Paris Games. Other groups from Sudan, Indonesia, Turkey, and India, including Anonymous Sudan and Team Anon Force, are also preparing to launch attacks. These groups aim to disrupt the Olympics to promote their political agendas, taking advantage of the global media coverage to amplify their messages.
Phishing and InfostealersPhishing remains a prevalent threat, with many cybercriminals using phishing kits to craft convincing emails and websites. FortiGuard Labs has identified numerous typosquatting domains that mimic official Olympic sites, tricking users into revealing personal information or making fraudulent payments. Over 338 fraudulent websites claiming to sell Olympic tickets have been identified, with 51 sites shut down and 140 receiving formal notices from law enforcement.
Infostealer malware, designed to harvest sensitive data from victims’ devices, is also on the rise. Raccoon, Lumma, and Vidar are among the most active infostealers in France, with Raccoon accounting for 59% of detections. These malware-as-a-service (MaaS) offerings are popular on dark web forums, enabling cybercriminals to steal browser autofill passwords, cookies, credit card details, cryptocurrency wallets, and more.