Cybersecurity analysts are warning of escalating cyber threats targeting the Paris 2024 Olympics. FortiGuard Labs reports a significant surge in dark web activity targeting France, with an 80-90% increase from late 2023 to mid-2024. These threats are becoming more sophisticated, posing risks to attendees and organisers.
A significant concern is the proliferation of phishing kits designed for the Olympics in France, enabling cybercriminals to deceive users into divulging personal information or downloading malware. Fake ticketing platforms and fraudulent merchandise websites also present financial risks.
Hacktivist groups, particularly from Russia and Belarus, are exploiting the event’s international prominence to disrupt the Olympics for political purposes. Experts warn that these attacks could provoke real-world violence or disrupt the Games and democratic processes in France.
As the Olympics approach, experts emphasise the importance of robust cybersecurity measures. Organisations should implement advanced encryption, stringent access controls, regular security audits, end point protection, caution with public Wi-Fi, and multi-factor authentication (MFA).
The Centres for Medicare and Medicaid Services have announced the discontinuation of a program designed to assist Medicare providers and suppliers impacted by disruptions at UnitedHealth’s technology division, Change Healthcare.
Initiated in response to a hack at Change Healthcare on February 21st by threat actor ‘BlackCat’, the program will now cease accepting new applications as of July 12. It has distributed over $2.55 billion in expedited payments to 4,200 providers such as hospitals and $717.18 million to suppliers including doctors, non-physician practitioners and durable medical equipment suppliers, with a significant portion of these funds already recovered. Providers are now able to effectively submit claims to Medicare.
The cyber incident in February affected a key player in processing medical claims. The US Change Healthcare handles approximately half of all medical claims in the United States, serving about 900,000 physicians, 33,000 pharmacies, 5,500 hospitals, and 600 laboratories, adding to the growing cyber threat posed to the healthcare industry.
Denmark has raised its threat level for destructive cyber attacks from ‘low’ to ‘middle’ due to growing threats from Russia, the Danish Centre for Cyber Security (CFCS) announced on Tuesday. The new level, three on a five-level scale, indicates that while there are actors with the intention and capacity to carry out attacks, there are no specific indications of planned activity.
Defense Minister Troels Lund Poulsen highlighted the increased willingness of Russia to challenge NATO countries through various means, including sabotage and cyber attacks. Despite the heightened cyber threat, Poulsen emphasised that there is no direct military threat to Denmark, based on Danish Defence Intelligence Service assessments.
We’ve reported before that US authorities have been warning against imminent cyberattacks from Russia. This time, it’s the cybersecurity authorities from the Five Eyes – Australia, Canada, New Zealand, the UK, plus the USA – who are warning of the risk that cyberattacks are being planned against critical infrastructures in Ukraine and beyond.
The warning comes in a joint cybersecurity advisory, which refers to US intelligence that the Russian government may be exploring options for potential cyberattacks.
The advisory also notes that cybercrime groups that have recently publicly pledged support for the Russian government ‘have threatened to conduct cyber operations in retaliation for perceived cyber offensives against the Russian government or the Russian people.’ The same threat exists for countries and organisations helping Ukraine.
Several government websites in Israel – including the websites of the ministries of interior, defence, and justice – were unavailable for over an hour on 14 March. The incident was caused by a distributed denial of service (DDoS) attack against a communications provider, according to the country’s National Cyber Directorate. Access to the affected websites was restored later in the day.
No statements were made regarding attribution of the attack, although some media sources pointed to a possible Iranian involvement.
