The threats to the Paris Olympics are multifaceted, with cyber risks being one of them. Ticketing systems, timing systems... which Olympic services are most at risk? Are we overall in control?

According to me, the services most exposed to cyberattacks are ticket theft or disruption of their sale. Such an attack, via IT systems, could seriously compromise the smooth organization of the Paris Olympics and tarnish their reputation, reflecting poorly on the country's image. Another service that could be cyber-attacked is the sports results service. Manipulating sports results would create indescribable confusion, which could obviously have significant consequences on the smooth running of the competitions and the reputation of the athletes. There is also a risk in the exploitation of security and access control systems. This could allow unauthorized individuals to enter sensitive areas or disrupt security measures. The Olympics websites and mobile applications could be exploited to spread misleading information, conduct phishing campaigns, or steal users' personal data. However, the French authorities and the organizers of the Paris 2024 Olympics have taken significant security measures to reduce these risks. Let's stay optimistic!

What is the extent of the recent cyberattacks that have targeted French administrations and ministries in recent months?

It is difficult to precisely assess the extent of recent cyberattacks against the country's administrations and ministries due to the lack of communication from the authorities. Nevertheless, on March 10, 2024, several French ministries and administrations, including the Prime Minister's office, as well as the ministries of Economy, Ecological Transition, Health, and Culture, were victims of a denial-of-service (DDoS) attack. This attack caused disruptions in online services and made some websites inaccessible. Following this attack, the Paris Prosecutor's Office's cybercrime unit opened an investigation and activated a crisis unit. Filtering measures were implemented by DINUM and ANSSI to counter this situation. Attacks continue to grow, and hackers are increasingly targeting government administrations due to their sensitive data, critical systems, and important events we will be organizing, including the Olympics.

Do we know the origin of these cyberattacks?

The origin of the recent cyberattacks against French administrations and ministries is still unknown according to official sources. However, it is likely that these attacks were carried out by hacker groups supported by foreign states or by criminal organizations, the latter seeking to derive financial benefits from the targeted administrations. It is important to note that these informations are based on expert analyses and speculations, and there is no concrete proof regarding the origin of these attacks.

ANSSI, the national authority for information systems security and defense, also alerts companies to these risks. How many companies are affected?

According to ANSSI statistics, over 50% of companies in France were affected by cyberattacks in 2022, with 90% involving private companies, particularly large ones. It is worth noting that this study did not take small businesses into account. In France, different sectors have been severely impacted by cyberattacks:

• Commerce sector: 22%
• Services sector: 21%
• Industrial sector: 19%
• Financial sector: 15%
• Public sector: 13%

The effects of cyberattacks on companies can be significant, affecting both their finances and reputation. On average, the cost of a cyberattack in France is estimated at 50,000 euros, but for large companies, this cost can reach several million euros. Additionally, cyberattacks can lead to serious consequences such as data loss, business interruptions, reputational damage, and even business cessation.

Is Artificial Intelligence a tool to combat cyberattacks or an endless technology for cybercrime?

The use of artificial intelligence represents both an opportunity and a challenge in the fight against cyberattacks. With its ability to analyze vast amounts of data, AI can detect subtle signs that indicate cyber threats, a capability widely used in Security Operations Centers (SOCs). Furthermore, AI can automate incident responses, allowing security teams to focus on critical actions, thereby reducing the effects of cyberattacks. Artificial intelligence paves the way for developing more robust and intelligent defense systems capable of effectively countering sophisticated and large-scale cyberattacks. On the other hand, cybercriminals can also use AI to make attacks harder to detect, design malware that adapts to the victim's security systems, and precisely target security vulnerabilities.

Interview by ERE

(*) Ziwit, a cybersecurity company from Montpellier created in 2011, has quickly become the European reference in Offensive Cybersecurity. The company offers products and services to protect businesses against hackers, including manual audits, pentests, training, awareness programs, online cybersecurity solutions, and is the leading French provider of SSL Certificates.