Business Standard

Olympics 2024: Cybercriminals eye 'gold' as millions flock to Paris

Cybersecurity experts say that Indian travellers going to the Olympic event are equally vulnerable to the threats

Paris Olympics 2024,medals

Paris Olympics 2024,medals (Photo: Paris Olympics wesbite)

Ashutosh Mishra New Delhi

Listen to This Article

Millions will be flocking to Paris where Olympics will be held over the next 16 days, beginning Friday. It will be the first in-person summer games since pandemic restrictions were lifted. While the French capital will play host to over 10,000 athletes of various streams, there are fears that it could also turn into a hunting ground for cybersecurity threat actors.

Security experts are cautioning people against possible threats.

Loose ends: 25,000 free Wi-Fi spots

An analysis of nearly 25,000 free Wi-Fi spots in Paris showed that almost 25 per cent of these networks had weak or no encryption. It means that travellers using public Wi-Fi at large events like this face significant cybersecurity risks, such as data theft and identity fraud, said a report by Kaspersky. 
 

Additionally, almost one-in-five (20 per cent) were configured with WPS, an outdated and easily compromised algorithm, rendering them highly susceptible to WPS attacks that could result in data loss. Only six per cent of the analysed networks used the latest WPA3 security protocol, said the note from Kaspersky.

“Like the sportspeople training for the summer of sport in France, cybercriminals have also prepared an unsavoury welcome for the millions of people heading for Paris hotels, fan zones and events. They might set up fake access points or compromise legitimate networks to intercept and manipulate data transfers. Open and misconfigured Wi-Fi networks are particularly attractive to criminals, as they enable the theft of passwords, credit card details, and other sensitive user data,” said Amin Hasbini, Head of META research unit at Kaspersky’s GReAT (Global Research and Analysis Team).


Phishing scammers

Apart from Wifi vulnerabilities, the global sporting event has also attracted the eyes of phishing scammers. A Cloudflare analysis points towards a rise in phishing and malicious emails related to the Paris Olympics. 

From January 2024 up to late July, the firm processed over half a million emails containing “Olympics” or “Paris 2024” in the subject, out of which 1.5 per cent were spam, and 0.2 per cent were malicious.

Further, there are possibilities of scams happening through a setup known as Wi-Fi Honeypots, which are fake Wi-Fi hotspots set up by attackers to lure unsuspecting users, say experts.

“These often have enticing names like Free Public Wi-Fi, or mimic legitimate networks (eg, a coffee shop's Wi-Fi). Once you connect to a honeypot, attackers can easily monitor your traffic, steal your data, and even inject malware into your device,” said Ranjeeth Bellary, Partner, EY India Forensic and Integrity Services – Cyber Forensics.

Global security firm - Palo Alto in a report last month, projected that financial theft was likely to occur leading up to the Games, during the Olympics, and even persist for several weeks after the Games. 

“Business Email Compromise (BEC) threat actors will likely use fear, uncertainty, and doubt of a ‘missed’ payment to entice victims into paying a fake invoice after the Olympics have finished,” the report says. 

Further, domains spoofing the legitimate Olympics website, while fake mobile apps masquerading as transport, booking, or other planning apps are also certain to be leveraged by fraudsters during the event, cybersecurity firms say, which puts Indian users also at risk.

India is amongst the top 10 countries from where the traffic for the Paris Olympics website came in.

Cybersecurity experts say that Indian travellers going to the Olympics event are equally vulnerable to the threats. 

Don't miss the most important news and views of the day. Get them on our Telegram channel

First Published: Jul 25 2024 | 7:24 PM IST

Explore News