
- Home
- Cyber stability
- Paris 2024 Olympics: Gold medal for the “Cyber Team”
Paris 2024 Olympics: Gold medal for the “Cyber Team”


Thanks to the unwavering mobilization of all stakeholders, the cybersecurity teams of the Paris 2024 Olympic and Paralympic Games were able to thwart every attack they faced.
The cybersecurity assessment of the Paris 2024 Olympic and Paralympic Games is positive. A total of 548 cybersecurity events affecting entities linked to the organization of the 2024 Games were reported to ANSSI between May 8 and September 8, 2024. These events were handled by the agency’s operational teams.
Regarding the types of reported cybersecurity events, nearly half were related to service unavailability, with a quarter resulting from DDoS attacks. The remaining cybersecurity events involved compromises or attempted compromises, data breaches, or vulnerability reports. The most targeted sectors were government entities, sports, entertainment (competition sites and Paris 2024), and telecommunications.
More specifically, the 548 cybersecurity events included 465 reports (cybersecurity events with a low impact on the victim’s information system, requiring minimal intervention by the Agency) and 83 incidents (security events confirmed by ANSSI as resulting from malicious actors successfully compromising the victim’s information system).
Four years to implement the system and train
In addition to these figures, there’s nothing like those provided directly by Franz Regul, CISO of Paris 2024, and Benoit Delpierre, Cybersecurity CTO at Eviden France. “The COJOP (Organizing Committee for the Olympic and Paralympic Games) represented 5,000 people at the start of the Games and twice as many partners and service providers. It also involved 40 sites that had to be interconnected through 9,000 network access points, 12,000 workstations, and 240 applications that were developed, delivered, and put into production over more than 4 years. These are the figures of a solid mid-sized company, but it’s the most-watched sporting event in the world, and therefore the most attacked,” Franz Regul noted during the Assises event in Monaco.
‘The cybersecurity assessment of the Games can be summed up in three figures: 55 billion cybersecurity events, 900 tickets analyzed, and zero operational cyber incidents. These 55 billion events aren’t necessarily meaningful from a cybersecurity perspective. They primarily signify that we managed to integrate a platform capable of handling this volume. In terms of business operations, the 900 tickets are significant, reflecting our commitment to addressing ticket quality, regardless of their level of criticality,’ Benoit Delpierre added.
Franz Regul reflected on the four years it took to achieve such results. He recalled joining the project in early 2020 when the only solution in place was antivirus software. ‘Between 2021 and 2023, we brought the strategy we had envisioned to life, working with my associates and deputies during the first year. The goal was very clear: zero incidents. We weren’t short on ambition, but we knew that if we left any doors open, we’d be ‘hit’. With four billion viewers, the Olympics is the most closely-watched event in the world,’ he noted.
In 2023, the Cyber Security Operation Center (CSOC) of the Paris 2024 Games was launched. It became the control hub for the system. “We were entering the final phase of the project. The entire technology stack had been delivered, and we had 12 months left to train. The first wide-scope red team exercise didn’t go very well; the results were disappointing. It’s inevitable – everyone who has done it knows,” Franz Regul explained.
Six red teamers spent 160 man-days attacking the 2024 Games’ IT systems
The details of this first red team exercise, and subsequent ones, were provided by Renaud Dubourguais, Chief Operating Officer at Synacktiv. ‘To ensure that all the efforts invested were paying off, we were asked to simulate war games, realistic attacks by fictional cybercriminals. These training sessions, or ‘preparation matches,’ were conducted from October 2023 to August 2024, before and even slightly during the Games. The goal was to test the detection capabilities of the Paris 2024 SOC and verify the incident response procedures,’ he said.
The Synacktiv team consisted of six red teamers. Their attacks were launched without the CSOC teams being aware. During the first round of attacks, the red team managed to deeply penetrate the Paris 2024 Games’ information system. “The entry point of the first campaign was the open-source application SonarQube, used for code analysis. Through a vulnerability we discovered in the software, we were able to advance within the system and compromise a large portion of the Organizing Committee’s infrastructure,” explained Renaud Dubourguais. The vulnerability was, of course, reported to the software publisher (Sonar), and a patch was released recently.
‘With each campaign, the cybersecurity teams of Paris 2024 took our deliverables and learned from them. As the attacks progressed, we witnessed the cybersecurity teams’ growing strength. We went from successful intrusions to an impenetrable wall, which reassured everyone. Overall, we spent over 160 man-days attacking the Paris 2024 Games’ IT system. Even though the red teamers had some victories, it was a real desert crossing for them 75% of the time, which is highly commendable for the defensive teams,’ Renaud Dubourguais added.
Changing mindsets: essential for success
Another takeaway from the Paris 2024 Games experience is the critical need to change the teams’ mindset. “What we had certainly underestimated at that point (12 months before the Games) was that the real challenge ahead of us was changing mentalities. In 12 months, we had just enough time to evolve 150 people to work in the way we needed, with the efficiency and defense level we were aiming for,” Franz Regul stated.
To illustrate the ‘cultural shift’ that took place within the Paris 2024 cybersecurity teams, Benoit Delpierre recounted the global outage that affected Microsoft services one week to the day before the Olympics began. ‘During the Paris 2024 Games, we worked with three teams that rotated shifts 24/7. I worked nights, from 7 p.m. to 7 a.m. On Friday, July 19, 2024, at 7 a.m., while we were handing over to the next team, blue screens and reboots appeared on the CSOC computers. My team and I thought, ‘It’s one week before the Olympics, it’s happening to us, we’re going down.’ However, thanks to the training implemented over the past year, we reacted differently: we quickly understood that we weren’t the target, we continued our handover, and, most importantly, we left and handed over to the next team because we trusted them to handle the situation.’
Benoit Delpierre added, ‘Cybersecurity is about technology, but it’s also about getting humans to work together. When, a week before the Games, an incident like this occurs, and people aren’t running through the hallways shouting but remain calm, you can go home and trust that the team replacing you will do the job, allowing you to return 12 hours later refreshed.’
Franz Regul and Benoit Delpierre succeeded in fostering a true sense of cohesion within the Paris 2024 cybersecurity teams. ‘We really became part of a team. We delivered a sporting event, we delivered the battle for the Olympic gold medal in cybersecurity, and we won,’ concluded Franz Regul.
Gérôme Billois, Partner at Wavestone, shared this sentiment: ‘There was incredible mobilization, a genuine alignment of everyone towards a common goal. I think everyone wanted the Paris 2024 Games to succeed. Everyone understood the importance of the Games for the country and the reality of a very present cyber threat. There was no need to convince people of the need to act; everyone was focused on ‘how to get it done,’ which saved time. There was a real desire to work together.’
the newsletter
the newsletter