As if fencing in a famous museum didn’t seem risky enough. Now French cultural institution (and Olympics fencing competition site) the Grand Palais faces a cyberthreat to parry and riposte.
Threat actors have targeted data systems within the museum network, or the Réunion des Musées Nationaux (RMN), according to reports and an official statement from the organization.
No impact has been observed following the August 3 cyber attack, RMN representatives said in a published statement, but the incident demonstrates how a massive global event like the Olympics offers many disruptive opportunities for cyber actors.
“Paris 2024 will see the largest number of threats, the most complex threat landscape, the largest ecosystem of threat actors, and the highest degree of ease for threat actors to execute attacks,” an April 2024 report from market-intelligence firm IDC read.
IDC predicted that the Olympic and Paralympic Games will lead to an $94 million increase in cybersecurity-services spending in France this year.
What we know.
- AP reported that, according to the Paris prosecutor’s office, a ransomware attack targeted central data systems of Paris’s Grand Palais and around 40 other museums in the Réunion des Musées Nationaux network.
- The affected assets appear limited to an internal network of shops, Didier Fusillier, president of the Public Establishment, told Les Echos on August 6. Fusillier said, “We immediately disconnected everything that was vital and called on the special State unit that deals with this type of problem, the French Agency for Information Security.”
- Christophe Chauffour, deputy director general of the RMN-Grand Palais, told Les Echos: “Our stores remain open and simply operate autonomously; payments are no longer connected to the headquarters network so as not to risk infecting it.” Chauffour added that no data extraction has been observed.
- The RMN asserted in its August 6 statement that the 36 Grand Palais RMN-managed bookstores and boutiques are operating normally, autonomously, and “remain open to the public under the usual conditions.”
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
En garde! IT Brew has reported on the massive threat surface presented by the scope of the games—a combination of web-based, back-of-house systems; financial setups; sport technology; broadcast infrastructure; and merchandising and ticketing.
The Paris Olympic Games, which began on July 26, sold 9.7 million tickets, according to AP. The event hosts waves of new visitors, including more than 11,000 Olympians.
In 2018, a cyber attack led to an internet disruption during the Winter Olympics’ opening ceremony.
“The Paris 2024 Olympic and Paralympic Games are likely to attract the attention of various malicious cyber actors who may seek to take advantage of the event to gain visibility and make their claims known, damage the image and prestige of competitions such as those of France, or simply seek financial gains through extortion,” the ANSSI, the national service responsible for cybersecurity at the Olympics, said in a statement cited in IDC’s report.