12643065675?profile=RESIZE_400xAs the 2024 Paris Summer Olympics approach, a sophisticated Russian disinformation campaign is in high gear to sow confusion, undermine the Games, and dissuade spectators from attending.  This is according to a new report from the Microsoft Threat Analysis Center (MTAC) that outlines extensive malign influence efforts emanating from Russia-aligned actors.  "In just under three months, after traversing more than 3,000 miles across 450 French towns, the Olympic flame will be lit at the Opening Ceremony, and we all might expect Russia to increase the intensity of its influence campaigns seeking to discredit the IOC, incite fear amongst participants and attendees, and sully the image and reputation of the Paris Games," the MTAC report warns.[1]

At the center of these efforts are two prolific Russian disinformation groups tracked as Storm-1679 and Storm-1099 (aka "Doppelganger").  MTAC first identified traces of their anti-Olympics campaign as early as the summer of 2023 by creating an AI-generated fake documentary titled "Olympics Has Fallen."

See:  https://redskyalliance.org/xindustry/wieder-doppelganger

"The video, which falsely purported to be a Netflix documentary narrated by the familiar voice of American actor Tom Cruise, clearly signaled the content's creators committed considerable time to the project and demonstrated more skill than most influence campaigns we observe," the report states.  Storm-1679 and Storm-1099 have employed various deceptive tactics across social media, messaging apps, and custom disinformation websites.  These include:

  • Spoofed video clips impersonating outlets like EuroNews, France24, the CIA, and French intelligence agencies warning of terrorism threats at the Paris venues
  • Digitally manipulated images of graffiti threatening a repeat of the 1972 Munich Olympics attack on Israeli athletes
  • A proliferation of fake media articles alleging rampant corruption within the International Olympic Committee (IOC)
  • Claims that a significant percentage of Paris Olympics tickets have already been refunded due to safety concerns

"The most worrisome disinformation advanced by pro-Russian actors has sought to impersonate militant organizations and fabricate threats to the Games amidst the Israel-Hamas conflict," according to MTAC's report.  While these efforts have remained confined to the internet sphere, there are rising concerns that Russian threat actors could take more disruptive actions.  "On the ground, Russian actors may exploit the focus on stringent security efforts by creating the illusion of protests or real-world provocations.  By drawing attention to physical-world events, Russia aims to undermine the confidence in the IOC and French security forces," MTAC warns.

France has already warned about the potential for cyberattacks targeting the Paris Olympics IT infrastructure.  This could portend a scenario similar to Russia's Olympic Destroyer malware attack that disrupted systems during the 2018 PyeongChang Winter Olympics opening ceremony.  "With the Olympics nearly upon us, Olympic-themed phishing sites will pop up to steal credentials for future corporate-based attacks or commit credit card fraud," warned Patrick Harr, CEO of email security firm SlashNext.  "Organizations must educate their employees and, most importantly, be proactive in securing BYOD [bring your device]. With the increased use of BYOD and dual-purpose devices, it's important to avoid giving away login credentials or accidentally adding malicious browser extensions which can be used to breach corporate assets."   Harr recommends having "the right security tools in place, including real-time mobile, browser, and email security solutions" to protect against Olympic-themed phishing lures.

The risk extends beyond just internet-based attacks, as well.  "While the distractions and potential bandwidth strains associated with following the Olympics can damage organizations, mobile security threats have proven to be a more dangerous issue that organizations of all sizes should be particularly wary about," cautioned JT Keating, SVP at mobile security company Zimperium.

With employees likely to try accessing Olympics content from mobile devices, Keating emphasized the need for "proper security controls and to educate end-users about potential threats" given the risks posed by mobile phishing attacks spoofing trusted Olympics sources and apps.  Safeguarding the integrity of the Paris Games will hinge on effective international coordination between cyber defenders and physical security forces, staying vigilant to malign influence operations in the digital world and beyond.

This article is presented at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  Our services can help detect cyber threats and vulnerabilities.     For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com    

Reporting: https://www.redskyalliance.org/
Website: https://www.redskyalliance.com/
LinkedIn: https://www.linkedin.com/company/64265941

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

https://register.gotowebinar.com/register/5378972949933166424

 

[1] https://www.secureworld.io/industry-news/russian-disinformation-paris-olympics

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!