2024 Olympics: Cyber Incidents Had “No Operational Impact,” Says Eviden

Eviden took advantage of “the Assises de la cybersécurité”, held in Monaco from October 9 to 12, 2024, to reflect on the cybersecurity of the Paris 2024 Olympic and Paralympic Games. A month after the event’s conclusion, Atos’ branch responsible for Olympic IT security proudly shared an extremely positive report. Despite recording 50 billion cyber events that generated 850 incident tickets, Eviden confirmed there was “no operational impact.”

In September 2024, Anssi had reported 548 cybersecurity events affecting structures related to the organization of the Games. Nearly half of these were service disruptions, “with a quarter” being DDoS attacks.

Eviden identified around 15 high-criticality incident tickets. However, according to Benoît Delpierre, the technological lead for the Games at the firm, focusing only on these would have been a mistake. “Cyber experience shows us that the first attack vector is often low criticality. It’s quite rare for attackers to come in breaking everything,” he told ZDNet.fr.

Benoît Delpierre emphasized the three years of preparation by his teams, which included refining automatic incident characterization tools. These efforts, he explained, reached their goal of drastically reducing false positives and completely eliminating false negatives, ensuring that human teams only dealt with confirmed risks.