Attack hit a computer system which handles data for 40 museums.
A ransomware attack against the Paris Grand Palais exhibition hall, where Olympic events are being held, is being investigated.
According to MSN, a police investigation determined that the attackers targeted the institution's central computer system, but the incident had not caused any disruption to Olympic events.
The computer system at the venue also handles data for 40 - mainly small - museums with which it is affiliated, the prosecutors said in an email.
Josh Jacobson, director of professional services at HackerOne called the attack unsurprising – but potentially quite creative. He said the outcome of this successful compromise could be beneficial to cybercriminals in a number of ways:
1) Because of the sheer number of venues that will be scrambling to get their operations up and running, the bad actors could be hoping to rake in ransoms across the victim pool and maximise financial gain.
2) Targeting more locations than just the Grand Palais may scale as threat actors focus on ‘easier’ targets and attempt to use this access as a foothold into the Olympics’ broader IT systems. It will be interesting to watch the situation unfold on the world stage.
“With less than a week remaining, time will tell if additional cyber incidents happen at the summer games,” he said.
“The potential impact on individuals is a genuine cause for concern and must be managed. We hope that the security and IT teams behind the event and the surrounding systems have prepared for as many scenarios as possible to protect everyone involved, from the attendees to the Olympians to the people of Paris.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
