Paris 2024 Olympics, Rugby World Cup: ANSSI’s summary of the various threats

In its recent report, the French National Agency for Information Systems Security (ANSSI) conducted an in-depth assessment of cybersecurity threats in the context of major sporting events. The ANSSI report highlights the need for a significant strengthening of security measures, while acknowledging the complexity of this crucial task.

The Rugby World Cup will be held in 2023, followed by the Olympic Games in 2024, both of which are scheduled to take place in France. While these events are generating widespread enthusiasm, they are not immune to serious cybersecurity threats. This is precisely what the ANSSI emphasises in its latest report, highlighting the diversity of information systems that could be targeted.

The ANSSI report highlights the fact that the Rugby World Cup 2023 and Olympic Games 2024 sporting events will depend on several information systems directly involved in the management of physical infrastructures. This move towards IT systems has created new dependencies and blurred the traditional line between physical and IT security. In addition to concerns about the security of goods and people, the agency also highlights the potential consequences for the host country’s image and the economic benefits for organizers, sponsors and spectators. These consequences could include loss of revenue from ticketing and costs associated with equipment replacement, not to mention the risk of theft of data and funds.

ANSSI identifies three major categories of potential attacks. Firstly, for-profit attacks, which include scams aimed at spectators, extortion attempts using ransomware, blackmail through distributed denial of service (DDoS) and data disclosure, as well as the monetization of stolen data. Next, destabilization attacks, which include computer sabotage, hacktivism, compromise and data disclosure. Finally, espionage attacks, whether targeted or orchestrated via the supply chain.

ANSSI also warns of the possibility of more virulent ransomware campaigns. The limited duration of sporting events considerably increases the importance of service continuity and information system availability. If attackers succeed in encrypting networks essential to the smooth running of sporting events, the pressure to restore business continuity is increased tenfold, potentially prompting the victim to pay a ransom. Attackers frequently exploit the threat of data disclosure and business continuity disruptions to exert pressure on victims and maximize their chances of obtaining a ransom.

The current tense geopolitical context adds a further dimension to the risks. Major sporting events are international in nature, which means that the geostrategic dimension must be taken into account when assessing threats. Periods of geopolitical tension are conducive to destabilization attacks aimed at harming an adversary. ANSSI points out that the Russian invasion of Ukraine in February 2022 has led to a resurgence of pro-Russian and pro-Ukrainian hacktivist operations. These attacks can lead to temporary unavailability of affected services, but they also have notable reputational and financial repercussions. In addition, ANSSI warns against the possibility that these major sporting events could be exploited as a pretext for espionage campaigns targeting French public authorities.

To guard against these varied and potentially serious risks, ANSSI is issuing a number of recommendations. These recommendations cover various aspects, including raising awareness, securing users’ workstations and mobile terminals, protecting the information system (IS), IS administration, logging and detection, and supporting and maintaining malicious code protection solutions. ANSSI encourages regular communication, active monitoring of threats, IS mapping, restriction of digital services exposed to the Internet to what is strictly necessary, IS segmentation and filtration, implementation of physical access control, definition of an IS backup policy, elimination of administrative access directly exposed to the Internet, IS administration from a dedicated network, and use of a dedicated, secure administration workstation.

In short, securing major sporting events against cybersecurity threats represents a complex and multidimensional challenge. Vigilance, preparation and the implementation of adequate protective measures are essential to guarantee the success and security of these international events.