As the 2024 Paris Summer Olympics approach, a sophisticated Russian disinformation campaign is kicking into high gear in an attempt to sow confusion, undermine the Games, and dissuade spectators from attending. This is according to a new report from the Microsoft Threat Analysis Center (MTAC) that outlines extensive malign influence efforts emanating from Russia-aligned actors.
"In just under three months, after traversing more than 3,000 miles across 450 French towns, the Olympic flame will be lit at the Opening Ceremony, and we all might expect Russia to increase the intensity of its influence campaigns seeking to discredit the IOC, incite fear amongst participants and attendees, and sully the image and reputation of the Paris Games," the MTAC report warns.
At the center of these efforts are two prolific Russian disinformation groups tracked as Storm-1679 and Storm-1099 (aka "Doppelganger"). MTAC first identified traces of their anti-Olympics campaign as early as summer 2023 with the creation of an AI-generated fake documentary titled "Olympics Has Fallen."
"The video, which falsely purported to be a Netflix documentary narrated by the familiar voice of American actor Tom Cruise, clearly signaled the content's creators committed considerable time to the project and demonstrated more skill than most influence campaigns we observe," the report states.
From there, Storm-1679 and Storm-1099 have employed a wide range of deceptive tactics across social media, messaging apps, and custom disinformation websites. These include:
- Spoofed video clips impersonating outlets like EuroNews, France24, the CIA, and French intelligence agencies warning of terrorism threats at the Paris venues
- Digitally manipulated images of graffiti threatening a repeat of the 1972 Munich Olympics attack on Israeli athletes
- A proliferation of fake media articles alleging rampant corruption within the International Olympic Committee (IOC)
- Claims that a significant percentage of Paris Olympics tickets have already been refunded due to safety concerns
"The most worrisome disinformation advanced by pro-Russian actors has sought to impersonate militant organizations and fabricate threats to the Games amidst the Israel-Hamas conflict," according to MTAC's report.
While these efforts have so far remained confined to the internet sphere, there are rising concerns that Russian threat actors could take more disruptive actions.
"On the ground, Russian actors may look to exploit the focus on stringent security efforts by creating the illusion of protests or real-world provocations. By drawing attention to physical-world events, Russia aims to undermine the confidence in the IOC and French security forces," MTAC warns.
France has already issued warnings about the potential for cyberattacks targeting the Paris Olympics IT infrastructure. This could portend a scenario similar to Russia's Olympic Destroyer malware attack that disrupted systems during the 2018 PyeongChang Winter Olympics opening ceremony.
[RELATED: Like a Spy Movie: How Russia Hacked Its Olympic Enemies]
"With the Olympics nearly upon us, Olympic-themed phishing sites will pop up to steal credentials for future corporate-based attacks or commit credit card fraud," warned Patrick Harr, CEO at email security firm SlashNext. "Organizations must educate their employees and, most importantly, be proactive in securing BYOD [bring your own device]. With the increased use of BYOD and dual-purpose devices, it's important to avoid giving away login credentials or accidentally adding malicious browser extensions which can be used to breach corporate assets."
Harr recommends having "the right security tools in place, including real-time mobile, browser, and email security solutions" to protect against Olympic-themed phishing lures.
The risk extends beyond just internet-based attacks, as well. "While the distractions and potential bandwidth strains associated with following the Olympics can damage organizations, mobile security threats have proven to be a more dangerous issue that organizations of all sizes should be particularly wary about," cautioned JT Keating, SVP at mobile security company Zimperium.
With employees likely to try accessing Olympics content from mobile devices, Keating emphasized the need for "proper security controls and to educate end-users about potential threats" given the risks posed by mobile phishing attacks spoofing trusted Olympics sources and apps.
Safeguarding the integrity of the Paris Games will hinge on effective international coordination between cyber defenders and physical security forces staying vigilant to malign influence operations in the digital world and beyond.
As the Olympic torch relay proceeds across France, all eyes will be on whether Russia's disinformation blitz goes beyond fanning online flames to sparking real-world chaos.
Follow SecureWorld News for more stories related to cybersecurity.
