Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime
Russian Cyberthreat Looms Over Paris Olympics
Cyberespionage, Hack-and-Leak and Disinformation Are All PossibilitiesRussia-aligned actors, including intelligence agency threat actors and hacktivists, are at high risk for carrying out cyberattacks and disinformation campaigns against organizations linked to the Paris Olympics, warn leading security firms.
See Also: OnDemand | 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk
Ongoing tensions between Moscow and European states, as well the International Olympic Committee's decision to ban Russia from the upcoming Summer Olympics over its 2022 invasion of Ukraine, are the two main drivers likely to cause a surge in cyberattacks from Russia-aligned actors, said researchers from Recorded Future's Insikt Group in a Tuesday report.
"Moscow likely sees substantial gain in targeting the upcoming Olympic Games in some form," the report says, raising the possibility that military intelligence group Sandworm and hack-and-leak groups such as Turla may receive orders from the Kremlin to act.
Activities may range from espionage campaigns targeting IOC staff to disruptions of event broadcasting activities and influence campaigns.
Russian state hackers have hacked previous Olympics, including a spree against sporting and anti-doping organizations in the lead-up to the Tokyo Summer Games in 2020.
One strategy that Moscow could adopt is to rely on cyber proxies such as hacktivist groups or seek the help of another nation-state group to maintain plausible deniability, the researchers said.
Microsoft on Monday warned about malicious Russian cyber activities including influence operations aimed at tarnishing the reputation of the IOC.
Russian groups leading these campaigns include threat actors Microsoft tracks as Storm-1679 and Storm-1099, aka Doppelganger, which began running disinformation campaigns last October.
The groups have already begun to churn out Olympics-focused disinformation on Telegram, using fake AI-generated audio impersonating Tom Cruise and fake videos pretending to come from French broadcaster France24.
"Microsoft Threat Analysis Center has observed old tactics blending with artificial intelligence in malign activity. The use of slick computer-generated special effects and a broad marketing campaign, including faked endorsements from Western media outlets and celebrities, indicates a significant increase in skill and effort compared to most Influence Operations (IO) campaigns," the company said.
Russian disinformation campaigns so far have targeted French speakers but that will probably change closer to the competition's July start date. Russian threat groups will likely ramp up their use of generative AI and are likely to switch to English, German and other languages to maximize the visibility and traction of these campaigns, Microsoft said.