As the Milano-Cortina Winter Olympics begin, the athletes aren’t the only ones in action, with cybersecurity teams already fending off attempts to disrupt Olympic-related systems.
Italian officials say they have blocked cyber activity targeting government and Games-adjacent infrastructure, reinforcing how tightly cybersecurity is now woven into Olympic operations.
The Olympics run on technology.
Ticketing, payments, transport, broadcasting, accreditation, hotel bookings, and even crowd management all depend on connected systems that need to work flawlessly, often under intense time pressure. That makes the Games uniquely attractive to cybercriminals, hacktivists, and espionage groups looking for attention, profit, or long-term access.
As recent Olympics have shown, even relatively small digital disruptions can snowball quickly when billions of viewers and tightly choreographed schedules are involved.
Why It Matters: The Olympics mirror many of the same challenges large organizations face, just under tighter timelines and public scrutiny. The Games depend on complex, interconnected systems, heavy third-party reliance, identity and access controls, peak traffic, and near-zero tolerance for downtime, all familiar enterprise realities. The threats involved aren’t unique either; ransomware, phishing, DDoS, and supply-chain weaknesses are the same ones enterprises deal with every day. What the Olympics highlight is how quickly minor issues can cascade when systems are tightly coupled and time is limited, making resilience, visibility, and clear operational ownership critical well beyond the world of sports.
- A familiar pattern at every Games: Analysis from Palo Alto Networks’ Unit 42 shows that recent Olympics have consistently attracted cyber activity, from Wi-Fi and infrastructure disruptions at PyeongChang 2018 to sabotage attempts around Tokyo 2020 and spikes in DDoS attacks, phishing, and scam traffic during the Paris 2024 Games. Milano-Cortina 2026 follows the same playbook.
- Early activity before the opening ceremony: Italian officials say they have already blocked cyber attempts targeting government systems and Olympic-adjacent infrastructure, including sites connected to the Games and nearby hotels. Activity is showing up before the opening ceremony, while systems are still ramping up and defenders are managing last-minute changes.
- Peripheral systems under pressure first: Reported activity has focused on foreign ministry offices and hospitality infrastructure rather than competition systems themselves, reinforcing a common Olympic pattern: attackers probe softer, supporting services that still affect operations, travel, and coordination.
- An enormous and messy attack surface: The Olympics span far more than stadiums. Ticketing platforms, payment systems, transit networks, hotels, mobile apps, broadcasters, and government systems are all in play, and the current focus on non-venue systems shows how wide the exposure really is.
- Signals for enterprise defenders: The types of systems already being targeted, public-facing websites, hospitality services, and government infrastructure, mirror those most enterprises rely on daily, offering a real-time example of how attackers look for leverage outside core systems.
Palo Alto Networks: Inside the Winter Olympics of Cybercrime – Cyber Magazine
Trusted insights for technology leaders
Our readers are CIOs, CTOs, and senior IT executives who rely on The National CIO Review for smart, curated takes on the trends shaping the enterprise, from GenAI to cybersecurity and beyond.
Subscribe to our 4x a week newsletter to keep up with the insights that matter.
