Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Paris Olympics. Show all posts

Paris 2024 Olympics Faced Over 140 Cyberattacks, No Disruptions Reported

 

During the Paris 2024 Olympics, French authorities reported over 140 cyberattacks, but none of these incidents disrupted the sporting events. The French government’s cybersecurity agency, Anssi, maintained a high state of alert throughout the games, anticipating potential threats to the organizing committee, ticketing systems, and transportation infrastructure. Given the scale and visibility of the Olympics, cybercriminals often see such events as prime targets for malicious activities. 

From July 26 to August 11, Anssi recorded 119 reports of low-impact “security events.” In addition, there were 22 more serious incidents where “a malicious actor” successfully infiltrated a victim’s information system. These attacks targeted government entities, as well as infrastructure related to sports, transportation, and telecommunications. Despite these incidents, the overall impact on the Olympic Games was minimal. Anssi noted that about one-third of the incidents involved system downtime, with half of these caused by denial-of-service (DoS) attacks. 

These attacks are designed to overwhelm servers with traffic, rendering them inaccessible. Other cyber incidents included attempted system compromises, data breaches, and other forms of malicious activity. However, Anssi emphasized that all cyber events during the Olympics were generally of low impact, highlighting the effectiveness of the cybersecurity measures in place. A significant cyberattack occurred in early August, when ransomware targeted the Grand Palais, an Olympic venue, along with approximately 40 other museums across France. 

Ransomware attacks typically exploit security flaws to encrypt and block access to computer systems, demanding a ransom payment to restore access. Despite the attack, Anssi confirmed that none of the information systems critical to the Olympic Games were affected. While the Paris Olympics experienced fewer cyberattacks than the Tokyo 2021 Games, which reported 450 million cyber operations, the threat level remained high. In fact, Marie-Rose Bruno, director of technology and information systems for the Paris Games, had anticipated “eight to ten times more” cyberattacks than those seen in Tokyo. 

The Paris 2024 Olympics faced a considerable number of cyber incidents, but thanks to robust cybersecurity measures, these attacks had little to no impact on the events. The proactive efforts of French authorities and cybersecurity experts ensured that the games proceeded smoothly, without major disruptions to the athletes or spectators.

Louvre and Top French Museums Fall Victim to Ransomware Attack, Including Olympic Sites

 



Over 40 museums in France, including the Grand Palais, a key venue for the upcoming Paris Olympics, and the world-famous Louvre, recently fell victim to a discernible ransomware attack. The breach, which occurred over the weekend of August 3rd, has raised concerns about the security of cultural institutions in the country.

According to police sources, the cyberattack specifically targeted a system that centralises financial data for various museums. This attack disrupted operations and led to the hackers demanding a ransom. They threatened to release sensitive financial information unless their demands were met. Although the exact amount of the ransom has not been disclosed, the incident has sparked a criminal investigation focusing on data system breaches and extortion by an organised gang.

The national cybersecurity agency of France, Anssi, confirmed that it had been notified of the breach and was actively investigating the situation. Importantly, the agency clarified that the compromised systems are not involved in any Olympic-related events, alleviating some concerns about the security of the upcoming games. The Grand Palais, which is scheduled to host fencing and martial arts during the Olympics, acknowledged that it had been affected by the attack but declined to share further details about the extent of the damage or the ongoing investigation.

Interestingly, the Louvre, initially mentioned as a potential target by the police, has since denied being impacted by the cyberattack. This denial has added a layer of confusion to the situation, as conflicting reports about the scope of the attack have emerged. Despite the Louvre's statement, the fact remains that the ransomware attack has exponentially impacted the museum sector in France, further stressing the vulnerability of even the most renowned cultural institutions to cyber threats.

Ransomware attacks have become increasingly common in recent years, where criminals infiltrate computer systems, encrypt data, and demand payment in exchange for unlocking the compromised systems. This incident highlights the expanding threat of cybercrime, even against prestigious and heavily protected targets like the Grand Palais and other prominent French museums.

As the investigation continues, French authorities are working to identify the perpetrators and prevent future attacks on the nation's cultural heritage. This incident calls for proper implementation of robust cybersecurity measures, especially as the world prepares for major international events like the Paris Olympics. 

The broader implications of this ransomware attack may push cultural institutions worldwide to reassess their digital security strategies, ensuring that their valuable assets remain protected from the growing trajectory of unique threats. 


AI Surveillance at Paris Olympics Raise Privacy Concerns

 

French authorities' plans to employ artificial intelligence to scan the thousands of athletes, coaches and spectators descending on Paris for the Olympics is a form of creeping surveillance, rights groups said. 

In recent months, authorities have tested artificial intelligence surveillance equipment at football stadiums, concerts, and train stations. These devices will scan the crowds, look for abandoned packages, locate weapons, and more when the games start in late July. 

According to French officials, police, fire and rescue agencies, as well as certain French transport security agents, will employ these technologies until March 31, 2025, although they won't be fully operational until the games. 

Campaigners worry that AI spying will become the new norm. "The Olympics are a huge opportunity to test this type of surveillance under the guise of security issues, and are paving the way to even more intrusive systems such as facial recognition," Katia Roux, advocacy lead at Amnesty International France, stated. 

The French government has enlisted four companies in the effort: Videtics, Orange Business, ChapsVision, and Wintics. These organisations' security solutions track eight critical metrics: traffic going against the flow, people in restricted zones, crowd movement, abandoned packages, the presence or usage of weapons, overcrowding, a body on the ground, and fire. 

The software has been tested during concerts by Depeche Mode and the Black Eyed Peas, as well as a football match between Paris Saint-Germain and Olympique Lyon. 

Olympics: An AI playground 

French politicians have attempted to appease critics by banning facial recognition. Authorities say it's a red line that should not be crossed. 

Matthias Houllier, Wintics' co-founder, stated that the experiment was "strictly limited" to the eight use-cases mentioned in the law, and that features like crowd movement detection could not be utilised for other methods such as gait detection, which uses a person's unique walk to identify them. Wintics' design made it "absolutely impossible" for both end users and advanced engineers to utilise it for facial recognition. 

Experts are concerned that the government's methods for evaluating test performance, as well as the particular way this technology operates, have not been made public. 

"There is nowhere near the necessary amount of transparency about these technologies. There is a very unfortunate narrative that we cannot permit transparency about such systems, particularly in a law enforcement or public security context, but this is nonsense", Leufer said. 

"The use of surveillance technologies like these, especially in law enforcement and public security contexts, holds perhaps the greatest potential for harm, and therefore requires the highest level of public accountability," he added.