The Summer Olympics and tensions over the war in Ukraine are likely to make Paris a tempting target for a variety of hacking attempts, including from adversarial countries, France’s top cybersecurity official said on Monday.
Vincent Strubel, the head of France’s cybersecurity agency, known as ANSSI, said in an interview that the Olympics faced threats from adversarial countries, criminals wielding ransomware and Russian-aligned “hacktivists” who use their computer skills to further their political messages.
French officials, including Mr. Strubel, are in Washington this week for consultations with cybersecurity officials. The Paris Olympics will run from July 26 to Aug. 11.
The opening ceremony of the 2018 Olympics in Pyeongchang, South Korea, was marred by a cyberattack that caused internet disruptions. Security companies quickly blamed Russia, and the Fancy Bear hacking group tied to Moscow’s intelligence services, for that attack.
Mr. Strubel said the Paris opening ceremony could also be a target of a cyberattack by a state actor. He did not name a country, but President Emmanuel Macron of France said he had “no doubt whatsoever” that Russia would try to target the Paris Olympics. He did not provide any details.
While Russian athletes will participate in Paris, they will not compete under the flag of their country. Russia is banned from the Olympics for its illegal annexation of Ukrainian territory.
“The geopolitical landscape, and in particular the war in Ukraine, will be a factor in the threat assessment for the Games because actions by state actors is a very real possibility, one we are preparing for,” Mr. Strubel said. “But it is also a real factor in terms of hacktivism; a lot of actors nowadays are pro-Russian.”
Cyberattacks by Russia-based hackers have been on the rise since the war in Ukraine began two years ago, Mr. Strubel said. Most of those attacks have been relatively unsophisticated, aimed at temporarily taking down websites or servers.
“Any time France has made a political gesture of support for Ukraine over the past two years, there have been a bunch of denial-of-service attacks targeting French institutions,” Mr. Strubel said.
In addition to the possibility of state-sponsored or state-aligned hacking efforts, France is preparing for ransomware attacks against businesses and organizations. France, like the United States, has been hit in recent years by a wave of ransomware attacks that have affected local authorities and hospitals.
Such criminal operations, Mr. Strubel said, will probably increase during the Games.
“We expect cybercrime, organized crime,” he said. “To people who want to make money, the Olympics might be like Black Friday every day for two weeks. The pressure to pay ransoms will be increased for all entities who expect to make a lot of business during the Olympics.”
For the past two years, sports federations, stadiums and local authorities in areas where events will take place have been working with the ANSSI on security issues. They have also been training to improve their responses.
The goal, Mr. Strubel said, is to prevent the worst attacks on the most critical infrastructures, and help train others to make sure minor attacks do not spread and become catastrophic.
Mr. Strubel said his organization would work to get out information about real and potential attacks during the Olympics to counteract panic and misinformation.
“You can’t expect to have no cyberattacks during the Games; there will be cyberattacks,” he said. “Part of that responsibility will be to provide timely information and to the media, to our international partners and what’s actually happening to avoid the same kind of panic.”