A test carried out on the sidelines of the Paris 2024 Olympic Games shows that some police officers do not have the right reflexes when dealing with phishing. A reminder of good cybersecurity practices is in order.
THE Paris 2024 Olympic Games, scheduled to launch on July 26, are a real organizational headache. For the local residents of course, who will have to deal with a massive influx of people coming to watch the events and all the resulting constraints such as the need to have a QR code to travel. But also behind the scenes at the level of Informatic Systems managing the event. L’National Agency for Information Systems Security (ANSSI) has also warned of an increase in cyberattacks in the run-up to the Games.
We therefore imagine that the authorities in charge are particularly prepared at this level. However, a full-scale test shows thatthere is still work to be done. Recently, 9,000 gendarmes and deputy gendarmes from Île-de-France received an email with the subject line “Exclusive allocation of places for the 2024 Olympic Games events“. Inside, they learn that “the Minister of the Interior obtained […] a significant number of places for internal security forces during competitive events at Olympic venues” and that these tickets “in limited number” are “directly recoverable” by clicking on the given link. Does that seem suspicious to you? You are right.
The gendarmerie tests its numbers by sending a fake phishing email, 10% fall for it
Sending the email was a full-scale test to check the reflexes of the gendarmes in matters of Cybersecurity. Approximately 5,000 opened the message and among them, 500 clicked on the link without being suspicious, either 10%. However, there were clues scattered here and there. The web address of the gendarmerie website was not correct, there were two unusual spelling mistakes in “General Directorate of the National Gendarmerie” and the signatory, the General Xavier Duceptwas given a position that is not his.
Read also – 2024 Olympics: why you should avoid having packages delivered to you during the events
After clicking, the police landed on a page informing them of their error and reminding them “7 best practices” to adopt when reading an email like this. General Ducept recalls that “the cyber threat is real and will further increase during [Jeux olympiques et paralympiques]. […] For the national gendarmerie, as for other organizations in the private or public sector, the security of information systems is an imperative.“.
Source: Le Parisien