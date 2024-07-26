In other cybersecurity news …

With the 2024 Paris Olympics now under way in France, FortiGuard Labs observed a significant increase in resources being gathered leading up to the event, especially those targeting French-speaking users, French government agencies and businesses, and French infrastructure providers.

Notably, since the second half of 2023, FortiGuard Labs saw a surge in darknet activity targeting France. This 80% to 90% increase remained consistent across the second half of 2023 and the first half of 2024. The prevalence and sophistication of these threats are a testament to the planning and execution of cybercriminals, with the dark web serving as a hub for their activities.

Documented activities include the growing availability of advanced tools and services designed to accelerate data breaches and gather personally identifiable information (PII), such as full names, dates of birth, government identification numbers, email addresses, phone numbers, residential addresses and others. For example, FortiGuard Labs is seeing the sale of French databases that include sensitive personal information, including the sale of stolen credentials and compromised VPN connections to enable unauthorized access to private networks.

Researchers are also seeing a rise in advertisements for phishing kits and exploit tools customized specifically for the Olympics, as well as combo lists (a collection of compromised usernames and passwords used for automated brute-force attacks) comprised of French citizens.

FortiGuard Labs anticipates hacktivist groups will focus on entities associated with the Olympics to disrupt the event, targeting infrastructure, media channels and affiliated organizations to disrupt event proceedings, undermine credibility and amplify their messages on a global stage.

Other cyber experts agree the Olympics will be a good target for cybercriminals.

Patrick Tiquet, vice president of security and architecture at Keeper Security, said the Olympics are a particularly attractive target for cybercriminals due to the global attention and massive scale of the event.

Keeper Security's Patrick Tiquet

“The convergence of international visitors, extensive media coverage and the reliance on critical infrastructure make it an ideal environment for cyberattacks,” he said. “Threat actors can exploit the high volume of online transactions, communication and data exchange to steal sensitive information, disrupt operations or launch misinformation campaigns. The potential for widespread chaos and the high-profile nature of the Olympics amplify the impact of any successful attack, making it a lucrative target for cybercriminals.”

Cybercriminals are leveraging the global attention and massive scale of the Olympics to exploit vulnerabilities and achieve their malicious objectives, Tiquet said.

“Individuals should be particularly cautious with unsolicited communications related to the Olympics,” he said. “Be wary of emails, messages or social media posts offering deals, contests or requiring urgent actions. It is essential to verify the authenticity of sources before clicking on links or providing personal information. Avoiding suspicious links and attachments is crucial, as these can lead to phishing sites or malware infections. Additionally, using secure QR scanners with built-in security features to preview links before opening them can help prevent falling victim to QR code scams.”

Stephen Kowski, field CTO at SlashNext, said both individuals and organizations, including athletes, spectators and sponsors, are being targeted.

“For Paris 2024, we can expect to see new tactics, techniques and procedures (TTPs) emerge, such as more sophisticated phishing scams, ransomware attacks and disinformation campaigns,” he said. “We expect to see an increase in disinformation efforts, distributed denial of service (DDoS) attacks, and phishing attempts as well. Finally, we should also expect increased threats to IoT devices and critical infrastructure.”

Disinformation campaigns can be highly effective at rapidly spreading false narratives, sowing confusion and fear, and undermining public trust in institutions, Kowski said.

“DDoS attacks can disable essential resources for travelers and residents in France, leading to unwarranted safety concerns about attending the Olympics,” he said. “In a worst-case scenario, these attacks could provoke real-world violence or significantly disrupt the Olympic Games and democratic processes in France. Proactively combating disinformation with robust defenses and public awareness is critical.”