Radware’s CTI team highlights that hacktivists aim to create chaos by targeting highly visible digital infrastructures, such as ticketing, streaming, and betting platforms. The goal is to advance their political agendas through high-impact disruptions.
Historical Context
Past Olympic Games have seen significant cyberattacks. The Rio 2016 Olympics were hit with sophisticated DDoS attacks reaching 540 Gbps, driven by IoT botnets.
The 2020 Tokyo Olympics experienced a staggering 450 million attacks. With geopolitical tensions rising, the Paris 2024 Olympics are expected to face an even greater onslaught.
Recent Incidents
In June 2024, Russian hacktivist groups HackNeT and the Cyber Army of Russia Reborn executed DDoS attacks on French sites, including the La Rochelle International Film Festival and the Grand Palais. These groups, linked to the Kremlin, dubbed these attacks “training” for larger operations during the Olympics.
Targeted Sectors
Hacktivists are expected to focus on:
- Olympics logistics and operations: Ticketing systems, venue access control, and hotel booking platforms.
- Streaming and media: Official Olympics streaming platforms and major broadcasters.
- Sports betting: Online sportsbooks.
- Financial services: Payment processors for tickets and merchandise.
- Tourism and hospitality: Airline booking systems, hotel reservation platforms, and travel websites.
- Olympics-specific digital services: Official mobile apps and volunteer coordination systems.
Potential Impact
Even brief outages can trigger global media crises, jeopardising safety, diplomacy, and the Olympic brand. The stakes are heightened by current geopolitical tensions, notably the Russia-Ukraine war and conflicts in the Middle East.
Evolving Threats
Hacktivists are now leveraging AI-powered tools, such as CAPTCHA-solving capabilities, to bypass traditional defences and launch unprecedented attack traffic volumes.
Defensive Measures
Radware emphasises the need for robust DDoS protection, including:
- Hybrid on-premise and cloud solutions.
- Behavioural-based detection to identify anomalies.
- Real-time signature creation to counter zero-day threats.
- A comprehensive cybersecurity emergency response plan.
- Intelligence on active threat actors.
For further protection, Radware advises regular network inspections and updates, along with advanced web application security measures like OWASP Top-10 coverage, bot protection, and API security.
