As part of October's Cyber Month, iQo takes a look back at the event of the year, for which cybersecurity is a key issue: the Paris 2024 Olympic and Paralympic Games.
Contents
Cybersecurity: a key issue at the Olympic Games
The Paris 2024 Olympic Games were a real success, on every level.
- welcoming delegations and tourists
- course of the tests
- atmosphere in the capital
- safety
- ... and also from a cybersecurity point of view
Cybersecurity is one of the greatest threats to the Olympic Games. Highly dependent on Information Systems, from timekeeping to ticketing (automated ticketing system), infrastructure protection and personal data collection, the Games are exposed to cyber-threats.
At the Tokyo Games in 2021, organizers deplored nearly 450 million attacks, all of which were thwarted; Paris 2024 expected eight times as many attacks as Tokyo.
The growing risk of cyberthreats weighed on the Paris Olympic Games
Paris 2024 therefore knew what to expect, all the more so as cyber-attackers are becoming more and more creative, both in the type of attack and in its number and timing.
At a time when cyber-attacks are becoming increasingly complex, the protection of critical infrastructures, personal data and information systems is of paramount importance to the smooth running of the Olympic Games.
Proactive planning to ensure cybersecurity at the Olympic Games
In the run-up to the launch of the Games, in-depth preparations were put in place between the Olympic Committee, Paris 2024 and national cybersecurity players in France, in particular theANSSIAgence Nationale de la Sécurité des Systèmes d'Information, in collaboration with the Interministerial Delegation for the Olympic and Paralympic Games (DIJOP) and the Ministry of the Interior, through the National Coordination for Games Security (CNSJ).
A rigorous cybersecurity framework for Paris 2024
Public/private partnerships have also been set up with private companies, to identify risks and implement cyber defense strategies. A rigorous cybersecurity framework has been defined by all stakeholders, focusing on 5 main areas.
- Improving knowledge of cyber threats to the Games
- Securing critical information systems
- Protecting sensitive data
- Raising awareness of the Games ecosystem
- Prepare to respond in the event of a cyber attack affecting the Games.
Intensive safety tests
Prior to the launch of the Games, several full-scale simulations of cyberattacks were carried out, in order to assess the resilience systems. Crisis exercises were also launched, to test the speed of response to various scenarios: DDoS attacks, president scams, instructions in critical systems, data theft, blocking of customer sites, etc.
Coordinating the various players
The system put in place for the Olympic Games has made it possible to centralize information in the cyber field.
ANSSI, the single point of entry for cyber reports, has helped consolidate a single view of the cybersecurity situation at the Olympic Games.
In addition, the presence of an ANSSI liaison officer with the Paris 2024 cyber teams facilitated the feedback and qualification of cybersecurity events. Through its international partnerships, ANSSI was able to mobilize international cybersecurity partners such as the Centre de Coopération Internationale (CCI) and the European crisis management network EU-CyCLONe European crisis management network, thus guaranteeing global cooperation.
The result: a limited number of cybersecurity incidents, and no impact on the running of the Games.
Thanks to the actions put in place by the Paris 2024 organization, a limited number of cybersecurity incidents have been recorded.
Between May 8 and September 8, 2024, 548 cybersecurity events affecting entities linked to the organization of the Olympic Games were reported to ANSSI in connection with the organization of the Games.
Of these, half concerned service unavailability, of which a quarter were linked to DDoS-type attacks (denial of service). The other half involved attempted compromises, data disclosures and vulnerability reports.
Paris 2024: a model for managing cybersecurity issues?
The way in which the Paris Olympic and Paralympic Games dealt with cyberthreats is a lesson for all organizations: thanks to intensive awareness-raising, a dedicated and trained team and successful coordination, organizations are able to defend themselves.
This success in cybersecurity sets a benchmark not only for future global events, but also for organizations seeking to strengthen their resilience in the face of ever more creative threats. Paris 2024 will have marked a new era in critical infrastructure defense.
How can iQo support your cybersecurity approach?
Does your cybersecurity team need support in managing cybersecurity risk, making it transparent and managing it from the design stage of your projects? iQo can help you analyze cyber risks, define cybersecurity-by-design, manage cybersecurity projects, draft cyber documents and raise employee awareness.
What role do women play in the digital world?
Women account for just 26.9% of the workforce in the digital professions, all professions combined. This figure was published in March 2023 by the Femmes @ Numérique association.
Another figure: only 16% of women work in the so-called technical professions. In fact, women who choose to work in the digital sector are mainly attracted to transformation-related positions. What are the reasons for this, and what possible solutions can be found? And how can we prevent this from happening again in the years to come?
Digital resilience: cybersecurity and supply
Building French and European digital resilience is a fundamental issue of sovereignty that goes far beyond digital issues alone. In our "Digital Resilience" feature, we invite you to
How do you set up a cyber resilience program?
Cyber resilience is an organization's ability to maintain business continuity (business resilience) by preparing for, responding to and recovering from cyber attacks. An organization's
