Grand Palais Rmn faces ransomware attack during Olympic Games

The Grand Palais Réunion des musées nationaux (Rmn), located in France, disclosed that it was the target of a cyberattack on Saturday, August 3, 2024, during the Olympic Games. The organisation, which is in charge of managing several of France’s most prominent museums and cultural landmarks, announced the incident in an official statement detailing its impact and the ongoing efforts to address it.

Large-scale Olympic art exhibitions and cultural events are currently taking place at Paris’s Grand Palais, a famous exhibition hall and historic venue. The attack’s timing presents serious questions regarding the safety of vital infrastructure during well-publicised international events.

 

The Grand Palais Rmn issues were initially attributed to a ransomware attack.

 

Sources claim that the attackers were successful in breaking into the system and seriously disrupting operations. The head of the Louvre, Matthias Grolier, quickly refuted allegations on social networking platform X that the attack had affected other institutions, including the renowned Louvre.

More information from a French media outlet showed that the Grand Palais Rmn immediately stopped the ransomware from spreading by shutting down its computers. The bookstores and boutiques at different museums were momentarily unable to operate as a result of this preventive move. Nevertheless, a quick fix was put in place, enabling these shops and boutiques to carry on providing for the public while operating independently.

The organisation reassured the public that the cyberattack had no long-term effects on the museums under its supervision, regardless of the initial problem. Sunday’s Olympic festivities at the Grand Palais went off without any issues, and the 36 museum stores under the organisation’s management opened for business as usual.

Grand Palais Rmn immediately contacted the Ministry of Culture, the National Commission on Informatics and Liberty (CNIL), and the French National Cybersecurity Agency (ANSSI) about the incident. At the moment, ANSSI is supporting initiatives related to network restoration and repair. There has not been any proof of data exfiltration from the affected systems, according to preliminary examinations.

In a claimed ransom note, the attack’s cybercriminals threatened to release the stolen material if their demands were not fulfilled and demanded payment in cryptocurrency. Researchers believe that the attack may have originated from a Grand Palais Rmn colleague’s hacked account and that the account details were stolen via info-stealer malware.

The criminals’ identities are still unknown because no ransomware organisations have come forward to take responsibility as of yet.

The incident highlights the increasing cyber threats faced by cultural institutions and the urgent need for strong cybersecurity, especially during major events like the Olympics. To ensure visitors and Olympic athletes can continue enjoying France’s cultural heritage, the Grand Palais Rmn remains open with enhanced security measures.