The Milan-Cortina 2026 Olympic Games are a prime cyber target. Here’s why – and how defenders are responding

Off the ski slopes and outside the ice rinks, another high-stakes competition is underway at the Milan-Cortina Winter Olympic Games: an online struggle to secure the Games' cyberspace.

On one side are cybercriminals and threat actors seeking to disrupt the Games, and on the other are cybersecurity professionals and law enforcement authorities working in concert to defend the digital systems that underpin the Games.

The Olympic Games are an attractive target for nefarious cyber actors, experts note, with digital ticketing systems, live TV and digital broadcasting channels, and immense economic activity all presenting targets for attack. Moreover, with more than 3 billion people expected to watch the Games worldwide, the incentives for disruption, espionage and fraud are significant.

"The sheer volume of people, systems, money, and data surrounding the Milan-Cortina 2026 Winter Games creates a target-rich environment for attackers," Unit 42, Palo Alto Networks’ threat research and assessment team, noted in a recent report on defending the Milan-Cortina Games.

The Olympic Games have long been a target for cyber attacks.

In 2018, cyber attackers targeted the PyeongChang Games in South Korea, disrupting broadcasts of the opening ceremony and briefly taking the official website offline. Two years later, the Japanese telecommunications firm NTT Corporation reported that it had blocked 450 million breach attempts targeting the official website of the 2020 Tokyo Games. Law enforcement agencies and cybersecurity experts also reported a spike in cyberattacks targeting the 2024 Paris Games, with one distributed denial-of-service (DDoS) attack on the official website peaking at 190,000 requests per second.

"The Winter Games are a temporary, highly complex, and distributed global enterprise spanning multiple cities, thousands of suppliers, global broadcasters, third-party apps, Wi-Fi networks, and critical services," Justin Moore, a Senior Manager at Unit 42, told the World Economic Forum. "This massive scale makes achieving full visibility and defense significantly more challenging, as each integration point introduces potential gaps for attackers to exploit."

Cyber attacks on the Olympic Games are motivated by a range of threat categories.

This includes financially motivated cybercrime, which often employs ransomware and large-scale scams targeting fans, sponsors and suppliers, and politically motivated disruption, which can entail DDoS attacks, website manipulation or data leaks to amplify ideological messages during a moment of maximum global visibility. Government espionage motivations are another cybersecurity concern.

The actors behind the cyber threats vary, too, further complicating the cybersecurity landscape.

Criminal ransomware gangs, for instance, are expected to target the Games and utilise social-engineering-led intrusions that seek sensitive consumer data and payment information. Meanwhile, nation-state actors may attempt to infiltrate networks for intelligence purposes and so-called hacktivist groups could use the Games to spread political messages.

"Ransomware operators are likely to focus on peripheral business providers to the Olympics versus the core infrastructure meaning vendors, logistics, and hotels are attractive targets," Moore stated, adding that other threat actors may focus on the "high-pressure intersection of live broadcasting, athlete movement, and fan transit to erode the perceived competence of the host nation and the [International Olympic Committee]."

Last month, the World Economic Forum released its Global Cybersecurity Outlook 2026, which found that AI is expected to significantly reshape the cybersecurity landscape.

The vast majority of surveyed leaders (94%) anticipated that AI would be the “most significant driver of change in cybersecurity.” Meanwhile, 87% of respondents identified AI-related vulnerabilities as the fastest-growing cyber risk.

At the Milan-Cortina Games, AI is being used by both the cyber threat actors and the defenders, experts say.

For attackers, AI can facilitate more sophisticated phishing, deepfakes and rapid scanning for software and application programming interface vulnerabilities. Cyber attackers, the Unit 42 report notes, can now create “highly convincing deepfakes and emails with minimal technical effort or expense,” enabling complex fraud and impersonation campaigns.

AI is also becoming indispensable for defenders. Security teams increasingly rely on AI-driven analytics to detect anomalies, automate incident response, and manage the sheer volume of data generated during major events such as the Olympic Games.

"AI-driven defense technologies provide significant advantages in an environment where every second counts," Moore stated. "Ultimately, AI allows defenders to operate with the same speed and scale attackers increasingly rely on."

Law enforcement agencies and cybersecurity experts stress that defending the Milan-Cortina Games requires early preparation, coordination and resilience measures.

In its report, Unit 42 stated that "staying ready is better than getting ready," urging organizations to improve visibility, accelerate zero-trust adoption and strengthen automated detection and response.

In Rome, Italy’s National Cybersecurity Agency (ACN) has established a cybersecurity command centre to detect and respond to cyber threats associated with the Milan-Cortina Games. The centre, ACN Director General Bruno Frattasi said in a statement, will be used to "monitor and analyze threats, exchange critical information, and support crisis management, thus ensuring the cybersecurity of the event and the protection of technological assets."

Last week, the Italian government said that it foiled a series of cyber attacks originating in Russia that targeted various Olympic Games venues and hotels.

Cybersecurity agencies and experts maintain that public and private sector collaboration is critical to ensuring robust cybersecurity measures. Such cooperation includes intelligence sharing, incident reporting and coordinated defences. As the Forum’s Global Cybersecurity Outlook 2026 underscores, "strengthening collective cyber resilience has become both an economic and a societal imperative."

This year, accelerating technological change, persistent geopolitical volatility and widening capability gaps are complicating the cybersecurity landscape and introducing profound vulnerabilities.

“Cybersecurity risk in 2026 is accelerating, fuelled by advances in AI, deepening geopolitical fragmentation and the complexity of supply chains,” the Global Cybersecurity Outlook 2026 states.

Large-scale events like the Milan-Cortina Games reflect the growing complexity of the global cyber ecosystem as such events depend on sprawling digital supply chains, temporary infrastructure and thousands of third-party partners. Moreover, the Games highlight the cross-sector collaboration required to safeguard cyberspace.

As the Unit 42 report notes, “for athletes and defenders alike, winners will be determined by preparation and strategy.”