1 min

Olympic Games: ANSSI argues for “healthy paranoia”

Vincent Strubel, head of ANSSI, goes over security measures for Paris 2024 Games, as well as threats the event faces.

Antifraud action - July 13, 2023

On July 11, 2023, the French sports daily, L’Equipe, published a long interview with Vincent Strubel, head of ANSSI, on the cybersecurity of the 2024 Olympic Games in Paris. He argues for a mindset of “healthy paranoia” in the face of inevitable threats.

French Prime Minister Elisabeth Borne officially entrusted the cybersecurity of the Games to ANSSI in July of 2022. The agency is working with the Ministry of the Interior, Paris 2024, the Olympic infrastructure and works company (SOLIDEO) and the city of Paris.

There was quite a bit of groundwork at the start, as ANSSI is unfamiliar with the world of sport and the Games. It took us six months to map it all out, to identify the players, outline priorities and methods for working with each other,” stated Vincent Strubel.

In early 2023, Paris 2024 allocated the budget for the Games’ cybersecurity: a little over ten million euros. ANSSI then began to audit the sites and companies taking part in the event.

More recently, the agency launched the first training exercises, simulating large-scale attacks throughout the Games, to see how teams held up. ANSSI will also provide training kits to the various parties involved, in order to prepare them for a number of cyberthreats. All in all, a third of ANSSI’s agents will be dedicated to the Olympics, from now until the event takes place.

Moreover, Vincent Strubel outlined the three types of cyberthreats looming over an event such as the Olympic Games. The first type of cyberattack may target the proceedings, to sway the results: hacking computer systems involved in specific events, or falsifying anti-doping tests for example.

The second threat level concerns the “symbolism of the event”, and will seek to “harm France’s image, as a form of protest.” This could entail disrupting the opening ceremony, the Olympic flame route, or DDoS attacks against transportation or ticketing systems.

The final type of risk is that of organized crime, particularly ransomware attacks. Vincent Strubel recalls that, for the past three years, ransomware groups have switched to a “trawl fishing” method: “they cast a very wide net to catch companies, local governments, SMEs, administrations, health institutions…”

Send this to a friend