Pro-Russia Hacktivists Target Olympic Games

Security experts have measured a significant uptick in hacking activity targeting France ahead of the opening of the Paris Olympic Games on Friday, including “hacktivist” campaigns by partisans of Russia and Belarus, which were not invited to attend.

“France may face an elevated risk of Russian cyber threat activity given the country’s financial and military support for Ukraine after Russia’s invasion in February 2022,” found a report from Google subsidiary Mandiant.

The company said Russian threat groups are likely to pose the Games’ highest cybersecurity risk, which is to see the participation of around 10,000 athletes from more than 200 countries.

The Paris Olympics will “face a greater threat of malicious cyber activity than previous Olympics” due to geopolitical tensions around the ongoing conflict in Ukraine, found Tim West, director of WithSecure, formerly F-Secure Business.

Hacktivist disruption

“Hacktivists aligned with states that are pro-Russia will almost certainly try to disrupt the Olympics in some way,” he said.

He noted that Russia is “well able to deploy human operations in conjunction to cyber-attacks” and can target all kinds of networks, including operational technology, although he noted the country is only likely to carry out attacks where “there is a level of deniability”.

“The Russian state almost certainly has the capability to influence and direct hacktivist collectives, along with operating ‘hacktivist collectives’ as a thin false cover for their own operations,” he said.

A FortiGuard Labs Threat Research report found there was a “spike in hacktivist activity” by pro-Russian groups including LulzSec, noname057, Cyber Army Russia Reborn, Cyber Dragon and Dragonforce that “specifically call out that they’re targeting the Olympic games”.

Also targeting the event are hacktivist groups from other countries and regions including Anonymous Sudan, Indonesia’s Gamesia Team, Turkey’s Turk Hack Team, and India’s Team Anon Force, FortiGuard said.

The researchers said they expect hacktivist groups to target infrastructure, media channels and affiliated organisations to “disrupt event proceedings, undermine credibility, and amplify their messages on a global stage”.

Darknet surge

Cyber-attacks targeting the Olympic Games have surged over the past decade, with only 212 million documented attacks on the London 2012 Games surging to 4.4 billion at the Tokyo 2020 event, FortiGuard noted.

Aside from politics, such attacks often involve financial motives, such as opportunities for stealing data from attendees, viewers and sponsors.

The company said it has observed a “significant increase in resources” being gathered to target the Paris Games, “especially those targeting French-speaking users, French government agencies and businesses and French infrastructure providers”.

The company said it saw an 80 to 90 percent surge in activity targeting France on hacking websites starting in the second half of 2023, which has remained constant through the first half of this year.

“The prevalence and sophistication of these threats are a testament to cybercriminals’ planning and execution,” FortiGuard researchers said.

Techniques include fake ticketing platforms, fraudulent merchandise and identity theft schemes, the company said.

Mitigation strategies include employee and user training and awareness, public awareness campaigns, increased protection of sensitive data and the enforcement of multi-factor authentication, FortiGuard said.