French cybercrime police are investigating a ransomware attack on the Grand Palais Exhibition Hall in Paris, a venue for Olympic events such as fencing and Taekwondo.
According to Reuters, the central computer system of the Grand Palais was targeted, but the attack did not disrupt Olympic events. The system also handles data for 40 mainly small affiliated museums. Attackers demanded a ransom within 48 hours, threatening to leak financial data if unpaid.
The “Réunion des musées nationaux – Grand Palais” has enlisted the national cybersecurity agency ANSSI to investigate. No data extraction has been detected, and operations at Grand Palais and the affiliated museums continue as usual.
Josh Jacobson, Director of Professional Services at HackerOne, says this ransomware incident is not unsurprising but potentially quite creative. While details are scarce, this attack targeted the centralized computer system, which may host financial data for the Olympic venue and 40 small museums.
He says the outcome of this successful compromise could benefit cybercriminals in several ways. First, because of the sheer number of venues scrambling to get their operations up and running, the bad actors could hope to rake in ransoms across the victim pool and maximize financial gain.
“Targeting more locations than just the Grand Palais may scale as threat actors focus on ‘easier’ targets and attempt to use this access as a foothold into the Olympics’ broader IT systems. It will be interesting to watch the situation unfold on the world stage,” he adds.
Jacobson says this is not the first attempted disruption of the 2024 Olympic games. In the lead-up to the opening ceremony, there were arson attacks against the French Rail Networks. “These types of attacks cause major chaos and reputational impact on the city of Paris and create unrest among the attendees.”
According to him, there remains a significant risk of attacks against the event’s associated venues, attendees, and spectators. Fake ticketing sites, social engineering campaigns, and phishing attacks present a substantial risk until the games end and beyond. Who is targeted depends on what information bad actors want to gather and from whom—it could even be nations targeting their people to track dissent.
“With less than a week remaining, time will tell if additional cyber incidents happen at the summer games. The potential impact on individuals is a genuine cause for concern and must be managed,” he ends.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.