Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime

Russian Cyberthreat Looms Over Paris Olympics

Cyberespionage, Hack-and-Leak and Disinformation Are All Possibilities
Russian Cyberthreat Looms Over Paris Olympics
Microsoft and Recorded Future each published warnings that Russian threat actors may be active during the Paris Summer Olympics. (Image: Shutterstock)

Russia-aligned actors, including intelligence agency threat actors and hacktivists, are at high risk for carrying out cyberattacks and disinformation campaigns against organizations linked to the Paris Olympics, warn leading security firms.

See Also: OnDemand | 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk

Ongoing tensions between Moscow and European states, as well the International Olympic Committee's decision to ban Russia from the upcoming Summer Olympics over its 2022 invasion of Ukraine, are the two main drivers likely to cause a surge in cyberattacks from Russia-aligned actors, said researchers from Recorded Future's Insikt Group in a Tuesday report.

"Moscow likely sees substantial gain in targeting the upcoming Olympic Games in some form," the report says, raising the possibility that military intelligence group Sandworm and hack-and-leak groups such as Turla may receive orders from the Kremlin to act.

Activities may range from espionage campaigns targeting IOC staff to disruptions of event broadcasting activities and influence campaigns.

Russian state hackers have hacked previous Olympics, including a spree against sporting and anti-doping organizations in the lead-up to the Tokyo Summer Games in 2020.

One strategy that Moscow could adopt is to rely on cyber proxies such as hacktivist groups or seek the help of another nation-state group to maintain plausible deniability, the researchers said.

Microsoft on Monday warned about malicious Russian cyber activities including influence operations aimed at tarnishing the reputation of the IOC.

Russian groups leading these campaigns include threat actors Microsoft tracks as Storm-1679 and Storm-1099, aka Doppelganger, which began running disinformation campaigns last October.

The groups have already begun to churn out Olympics-focused disinformation on Telegram, using fake AI-generated audio impersonating Tom Cruise and fake videos pretending to come from French broadcaster France24.

"Microsoft Threat Analysis Center has observed old tactics blending with artificial intelligence in malign activity. The use of slick computer-generated special effects and a broad marketing campaign, including faked endorsements from Western media outlets and celebrities, indicates a significant increase in skill and effort compared to most Influence Operations (IO) campaigns," the company said.

Russian disinformation campaigns so far have targeted French speakers but that will probably change closer to the competition's July start date. Russian threat groups will likely ramp up their use of generative AI and are likely to switch to English, German and other languages to maximize the visibility and traction of these campaigns, Microsoft said.


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.