Advertisement

French Olympic venue and cultural site targeted in cyberattack

Officials deny ransomware, contrary to initial press reports.
Austria's Tjebbe Kaindl rides past Grand Palais as he competes in the cycling race, during the mixed's relay triathlon, at the Paris 2024 Olympic Games, in central Paris, on August 5, 2024. (Photo by Mauro PIMENTEL / AFP)

The Grand Palais Réunion des musées nationaux, a major cultural venue in Paris and host to several Olympic events, suffered a cyberattack over the weekend that authorities said did not result in lasting damage, contrary to press reports that venue data was encrypted as part of a ransomware attack.

French news outlet Le Parisien reported Monday that unnamed attackers encrypted financial data associated with the venue, including the Louvre, and are holding it ransom. Matthias Grolier, the Louvre’s director, said Tuesday in a post on X that “contrary” to those reports, the Louvre was not targeted with ransomware. “Solidarity with our colleagues who are victims of this attack,” Grolier said, according to a machine translation from French.

According to a press release issued by the Grand Palais, a “cyberattack” hit the venue the night of August 3 into the morning of August 4, and France’s cybersecurity agency, the ANSSI, was notified immediately “to analyze the situation and restore our networks.” 

“To date, no data extraction has been detected,” the venue said in the statement. 

Advertisement

A spokesperson for the ANSSI told CyberScoop on Tuesday that the agency provided assistance to the Grand Palais. 

“The incident does not affect information systems involved in the holding of the 2024 Olympic and Paralympic Games,” the spokesperson said.

Neither the venue nor the ANSSI immediately responded to questions with more detail about the nature of the attack or whether there was a ransomware or encryption component. 

Cybersecurity experts warned that the Paris Olympic Games were an obvious target for cyberattacks given its high-profile nature and current global geopolitical events. Researchers with Recorded Future’s Insikt Group, for instance, said in June that hacktivists would likely attempt cyber disruptions to protest support for Ukraine and Israel, and that organizations “should prepare for increased DDoS activity, website defacements, and potential wiper malware disguised as ransomware.”

State-sponsored cyber disruptions were likely to be more “restrained due to France’s NATO membership,” the researchers said, but cyber espionage was likely to escalate using Olympic-themed lures.

Advertisement

Microsoft’s Threat Intelligence Center also warned in June of a “network of Russia-affiliated actors pursuing a range of malign influence campaigns against France, French President Emmanuel Marcon [sic], the International Olympic Committee (IOC), and the Paris Games.”

Russia has a history of maligning the Olympics, Microsoft researchers said, and had been linked to past cyber-enabled attacks on the World Anti-Doping Agency and a destructive attack against the 2018 Winter Olympics.

French infrastructure has suffered some physical sabotage coinciding with the Olympics, including cuts of rail-related cables and fiber optic cables

AJ Vicens

Written by AJ Vicens

AJ covers nation-state threats and cybercrime. He was previously a reporter at Mother Jones. Get in touch via Signal/WhatsApp: (810-206-9411).

Latest Podcasts