AILSA CHANG, HOST:
As the Paris Olympics get underway, teams of IT experts are thinking about one thing, and it's not the sports. It's the possibility of a disruptive cyberattack. NPR cybersecurity correspondent Jenna McLaughlin joins us now. Hi, Jenna.
JENNA MCLAUGHLIN, BYLINE: Hey, Ailsa.
CHANG: OK. so I don't think I'm the only one who's been thinking a lot about last week's CrowdStrike outage and what an impact it had. Like, I was stuck in an airport for hours. So many flights were canceled. Hospitals were affected. What sort of cyberattacks are IT experts preparing for at these Paris Games?
MCLAUGHLIN: Yeah, funny you mention the CrowdStrike outage. That same technical glitch impacted the Paris Olympics IT team. They were quickly back online. There are a couple of different categories they're worried about. That includes sort of the human error that we've been talking about, but it also includes cybercriminals who want to make money, nation-states who want to launch politically motivated cyberattacks. So people have been preparing for these possibilities since the winter around December, January.
I talked to Wendi Whitmore. She works for Palo Alto Networks, and she was on the ground in Paris in June, meeting with all the different stakeholders in the Olympics, including transportation, people selling tickets, companies that were running the venues in the stadiums, and they were doing briefings on these threats and running simulations of these possible crises. Here's how she described those conversations.
WENDI WHITMORE: It all boils down to being really able to quickly identify that something is amiss and then quickly respond to it. So I think organizations are pretty well prepared for that. But as we've mentioned, there are so many different angles of types of attacks that they may need to protect from that I think it's going to be, you know, an intense two to three weeks.
CHANG: Intense. Wait, are the Olympics typically a big target of cyberattacks?
MCLAUGHLIN: Yeah. Actually, all major events are targets. Hackers know that the world is paying close attention, but in particular in the past, the Olympics have been a big target, especially for Russian politically motivated cyberattacks. The Olympics are a matter of national pride for Russia. They've had a lot of medals and success in the past, but doping scandals and war have kept the athletes from being able to compete under their flag in recent years. So they know that cyberattacks are an opportunity to cause chaos, but also send a message. Back at the Winter Games in South Korea in 2018, everything crashed during the opening ceremonies. It was a disaster.
CHANG: Oh, yeah.
MCLAUGHLIN: And at first, experts thought it was North Korea, but it had actually been Russia trying to obscure their tactics. However, now that Russia is kind of distracted by Ukraine, that might not happen. I wouldn't count them out. But Wendi Whitmore said that she was more worried about opportunistic cybercriminals. Take a listen.
WHITMORE: We're investigating those type of attackers on a daily basis, and I think the concern that is increasing with cybercriminals in particular is just their level of sophistication. And so I would think, by and large, that's our primary target.
MCLAUGHLIN: These type of hackers know that countries are investing a lot of money. The Paris Olympics are supposed to be the luxury Olympics. And cybercriminals know that if they disrupt their broadcast, people might pay to get back on schedule.
CHANG: Oh, interesting. OK, so beyond these opportunistic cybercriminals, are there any other sorts of online threats experts are warning you about?
MCLAUGHLIN: Yeah. They've already been seeing a lot of disinformation pumped out about the Paris Olympics, different narratives about Paris bedbugs, the Seine being unsanitary, anti-immigrant kind of commentary. And I think people are more aware of that threat at this point, and it's having a bit less of an impact.
Meanwhile, viewers at home should keep an eye out for possible scams. If you get a text or an email with a link to log in and view something, if it's asking for your user name and password, you should be a little bit skeptical of that. It's encouraging to me, though, that cyber is clearly part of the broader emergency preparedness strategy. That wasn't necessarily the case a couple years ago. It's going to be harder for hackers to disrupt and make money this time.
CHANG: That is NPR cybersecurity correspondent Jenna McLaughlin. Thank you so much, Jenna.
MCLAUGHLIN: Thank you.
(SOUNDBITE OF MUSIC) Transcript provided by NPR, Copyright NPR.
NPR transcripts are created on a rush deadline by an NPR contractor. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.
