‘irresistible Stage’: Olympic Authorities On High Alert For Cyberattacks As Winter Games Kick Off

As the Winter Olympic Games officially open in Milan Friday, security officials have been scrambling to block cyber threats aimed at disrupting the world’s largest sporting event.

This week, Italian authorities have already stopped hacking attempts at several embassies and Olympic venues. Security groups tracking these threats are also warning that hackers might be gearing up to spread disinformation online to discredit the games, or may launch further cyberattacks on Olympics sites ahead of the Opening Ceremony on Friday evening local time.

“With billions of viewers expected and more than a million spectators onsite, the Olympics represent an irresistible stage for hacktivists and, potentially, more sophisticated actors looking for maximum visibility,” said Geradina Corona, spokesperson for the Italian National Cybersecurity Agency, or ACN. “Disrupting TV streaming services, ticketing platforms or other core digital services would guarantee immediate global attention.”

Security for the Olympics — which convenes athletes from around the world and broadcasts live to various international channels — takes years of careful planning and requires close coordination between local and international authorities.

Corona said that ACN began working with the Milano‑Cortina Olympic Organizing Committee “more than a year ago” to address cybersecurity threats to the games, and is working with other international cyber partners, including the International Olympic Committee, to ensure things go smoothly.

Corona noted that during the Games, 10 ACN experts will be working inside the Organizing Committee’s security center scanning for threats, while another 20 ACN experts will support them from ACN headquarters. A spokesperson for the Milano-Cortina Organizing Committee said in a statement that organizers expect hackers to use a variety of tactics, including sending artificial intelligence-enabled phishing emails and deepfake impersonations of Olympic officials, to compromise systems at the Olympics.

The U.S. will also be providing security support to its European partners — though not without controversy. During the 2024 Summer Olympics in Paris, officials from the Cybersecurity and Infrastructure Security Agency, the State Department and the White House assisted French authorities in countering cyberattacks and disinformation-related threats.

This time around, officials from Immigration and Customs Enforcement were sent to assist with monitoring for criminal activity in Milan, drawing large protests due to recent immigration crackdowns in Minneapolis and across other U.S. cities.

Tricia McLaughlin, assistant secretary for public affairs at the Department of Homeland Security, which oversees ICE, said in a statement that agents with ICE’s Homeland Security Investigations were helping to “mitigate risks from transnational criminal organizations,” while noting that “all security operations remain under Italian authority.”

Personnel from CISA, the U.S.’s top cyber defense agency, and from the State Department’s Diplomatic Security Service, which protects U.S. diplomats abroad, will again be involved in security efforts. Steve Casapulla, executive assistant director for infrastructure security at CISA, said in a statement that CISA experts are “sharing real-time threat intelligence” from government and industry groups with Italian security partners.

This global cybersecurity choreography for the Olympics is necessary, as criminal hackers and nation-state actors have frequently targeted the games in recent years.

During the Opening Ceremony of the 2018 Winter Olympics in PyeongChang, Moscow launched a major cyberattack that led to the official Olympics website going offline and hourslong disruptions to television and internet systems.

And earlier this week, Italian officials announced that they had foiled Russia-linked cyberattacks on the Italian Embassy in Washington, D.C., and on hotels and other Olympic sites in Milan and Cortina. A pro-Kremlin hacking gang reportedly claimed responsibility for the distributed denial-of-service attacks — which target websites and servers in an effort to overwhelm their resources — on Telegram, and said the campaign was in retaliation for Italy’s support for Ukraine.

These types of attacks are relatively low-cost and require little skill, said Kristopher Russo, principal threat researcher with Palo Alto Networks’ Unit 42. “So by volume, we see a lot of those.”

Russian hackers may be feeling particularly emboldened to strike this time around. The country has dramatically increased its hybrid attacks against the U.S. and NATO allies in recent months, and Russia’s athletes were again made to compete under the neutral Olympic flag due to its ongoing invasion of Ukraine.

John Hultquist, chief analyst at Google Cloud’s Mandiant, warned that Russia would likely launch disinformation campaigns to undermine the credibility of the Games, among other types of large-scale attacks.

Misinformation tracking groups have already found some instances of false, anti-Ukrainian narratives circulating online.

Russo, who was part of Palo Alto Networks' team that defended the 2024 Paris Olympic Games, said that while authorities remain vigilant, hackers may already be plotting their next moves.

“The spotlight is on them,” said Russo, “they can’t strike until everybody’s watching.”