Axios Codebook

July 26, 2024
😎 TGIF, everyone. Welcome back to Codebook.
- 📕 ICYMI: We're starting a book club! More details here — and reply with your recommendations for our first pick.
- 📬 Have thoughts, feedback or scoops to share? [email protected].
Today's newsletter is 1,412 words, a 5.5-minute read.
1 big thing: The looming threat of DDoS attacks at the Olympics
As the Olympic Games kick off in Paris today, cyber experts are on guard for what could be a tsunami of website takedowns.
Why it matters: Distributed denial of service (DDoS) attacks are typically viewed as nuisances in the cybersecurity world — but when they're successful they can severely impact online services or live events.
The big picture: Hackers have started relying on DDoS attacks, which overload a website with malicious bot traffic, to garner attention or obfuscate larger hacking campaigns.
- Throughout the war between Israel and Palestine, hacktivists on both sides have turned to DDoS attacks to shut down media and government websites.
Between the lines: DDoS attacks can play a psychological role that unsteadies affected users or everyday citizens.
- "The recognition of how important the availability of these services is, that's what makes it an enticing attack surface," Hardik Modi, area vice president of engineering at Netscout, told Axios.
- "They recognize that the broadcaster doesn't want their systems going down at the time," Modi added. "The ticketing systems don't want to be down at that moment when 20,000 people are trying to enter a soccer stadium."
Flashback: The Olympics and other sporting events have long been ripe targets for hackers and DDoS attacks.
- In 2018, hackers successfully disrupted internet access and telecasts and shut down the official Olympics website during the Winter Olympics' opening ceremony in Pyeongchang, South Korea.
- The 2016 Rio Olympics faced DDoS attacks that reached 540 Gbps, while the 2020 Tokyo Olympics faced roughly 450 million attacks, Cyber Magazine reports.
Zoom out: The Paris Games are coming at a time of heightened political tension — as the war between Israel and Hamas carries on, Russia continues its attacks against Ukraine, and several countries face key elections this year.
- Russia is also barred from participating in the Games under its own flag — which could further inspire Russian hacker gangs to target this summer's Games, Modi said.
The intrigue: Politically motivated hackers have already started showing signs that they'll target the Paris Games.
- Russian groups HackNeT and the People's Cyber Army launched "trial DDoS attacks" against a series of French websites, cyber firm Cyble said in a report last week.
- Targets included the sites belonging to the Grand Palais museum and the La Rochelle International Film Festival.
State of play: DDoS is just one of a long list of cybersecurity threats that experts are keeping an eye on throughout the Olympic Games.
- France's interior minister said this week that about 1,000 people have already been blocked from attending the Games over suspicions that they could be government spies.
- Russian propagandists have already been linked to a fake video circulating online showing a man purporting to be a Hamas fighter threatening the Olympics, according to NBC News.
Yes, but: France has been preparing for an onslaught of digital threats and turning to allies for assistance.
- Washington officials have been advising their French counterparts about how best to defend against incoming cyber threats.
- French Prime Minister Gabriel Attal said yesterday that cyberattacks against the Olympics are inevitable. "The key is to limit their impact," he told reporters at the Games, per Reuters.
2. North Korean workers infiltrate cyber industry
KnowBe4, a well-regarded security training company, is the latest to fall victim to a long-running North Korean IT worker scam.
Why it matters: Even the companies designed to fend off these threats haven't figured out a way to avoid them.
The big picture: North Korean workers have gotten scary good at gaming U.S. hiring practices to score coveted remote jobs to make money for the regime and to collect U.S. company secrets.
- Many of these job candidates tap AI tools to obfuscate their voices or change their images during calls so they go undetected.
- U.S. companies are barred from hiring people in North Korea due to strict sanctions.
Zoom in: KnowBe4 CEO Stu Sjouwerman wrote in a blog post Wednesday that the company recently discovered and fired an employee who was one of these North Korean IT workers.
- KnowBe4 had conducted four video conference interviews, run a background check, and even confirmed the person matched the photo provided on his application before hiring him.
- But the candidate had stolen a U.S.-based identity and used AI tools to enhance a stock image to bypass an ID check, Sjouwerman said.
What happened: Last Monday, KnowBe4's security team detected a "series of suspicious activities" coming from the new employee's laptop.
- Upon further review, the company realized that the new employee had been trying to transfer "potentially harmful files" and "execute unauthorized software."
- After the new employee spent several hours declining to hop on a phone call, the IT team decided to wall off his computer from the rest of the corporate network.
- The employee wasn't able to illegally access any of KnowBe4's systems and no data was lost, stolen or compromised, Sjouwerman wrote.
- However, the employee did try to load infostealer malware onto his machine. Sjouwerman said the company isn't quite sure why.
What they're saying: "We could have kept quiet while wiping the egg off our face," Sjouwerman wrote in a follow-up post yesterday. "However, our mission is to make the world aware of cyber crime."
- "If something like this can happen to us, it can happen to almost anyone," he added.
- Sjouwerman said he could share only limited details because the FBI is actively investigating the matter.
Threat level: Insider threats have become a bigger issue as American AI companies continue to dominate the industry.
The bottom line: KnowBe4 recommended that other companies employ tough job candidate vetting, conduct all remote job interviews with cameras on, and only ship laptops to the address where the candidate lives.
- KnowBe4 will also start shipping new employee laptops to a nearby UPS shop and require employees to provide a picture ID to obtain them.
3. The worst of the CrowdStrike outage is over
CrowdStrike CEO George Kurtz said in a LinkedIn post yesterday that 97% of the Windows sensors that went offline during last week's global IT outage are now back up and running.
Why it matters: Roughly a week after CrowdStrike shipped out a faulty update that bricked millions of Windows computers, the worst appears to be over.
What they're saying: "I am deeply sorry for the disruption this outage has caused and personally apologize to everyone impacted," Kurtz wrote in his post.
- "While I can't promise perfection, I can promise a response that is focused, effective, and with a sense of urgency."
- "To our customers still affected, please know we will not rest until we achieve full recovery," he added.
The big picture: Experts have called the CrowdStrike outage the largest IT outage in history.
- The outage affected banks, hospital systems, airlines and retailers. One insurer estimates that Fortune 500 companies lost a collective $5.4 billion from the outage.
Catch up quick: CrowdStrike said in preliminary investigation results published Wednesday that "problematic content data" that accidentally landed in a software update caused the outage.
- The company has added new steps to its internal review processes and said it would start staggering the release of all updates across its customers to avoid a repeat situation.
Yes, but: CrowdStrike is likely to face a new round of scrutiny now that the immediate damage from the incident is almost resolved.
- Lawmakers have called on Kurtz to testify on what happened, and the company is facing criticism over its communications strategy.
4. Catch up quick
@ D.C.
🇰🇵 North Korean hackers have conducted a global cyber espionage campaign to steal classified U.S. military secrets, government officials warned. (Reuters)
⚠️ Hackers have leaked a trove of data allegedly stolen from Leidos, a government IT provider that counts the Pentagon, NASA and the Department of Homeland Security among its clients. (Bloomberg)
🔓 FBI Director Christopher Wray told Congress that the bureau is still working to crack encrypted messaging apps used by Thomas Matthew Crooks, the man who attempted to assassinate former President Donald Trump. (The Record)
@ Industry
💪🏻 Meta removed more than 63,000 accounts from its social media platforms tied to a Nigeria-based sextortion ring. (Axios)
💰 Chainguard, a cybersecurity startup focused on the software supply chain, raised a $140 million Series C funding round at a $1.12 billion valuation. (GeekWire)
🪙 Proton, a popular maker of encrypted internet services, has launched its first cryptocurrency wallet. (TechCrunch)
@ Hackers and hacks
👀 Someone leaked a database containing member names, private messages, cryptocurrency addresses and posts from dark-web cybercrime forum BreachForums. (BleepingComputer)
5. 1 fun thing
Food for thought: A $10 UberEats gift card (even to your partners) isn't always the best apology gift.
☀️ See y'all Tuesday!
Thanks to Megan Morrone for editing and Khalid Adad for copy editing this newsletter.
If you like Axios Codebook, spread the word.