Unofficial competition at the Winter Olympics: Cybercrime

How cybercriminals are targeting the world’s biggest winter sporting event

Takeaways:

• High‑profile international events like the Olympics attract cybercriminals due to massive global attention, complex digital infrastructure and valuable data.
• Russia‑linked actors have already attempted cyberattacks on Olympic‑related systems in Italy, including hotels and foreign ministry websites.
• Common threats include phishing, spoofed websites, credential theft, scams targeting attendees, and DDoS attacks against official services.
• Italy is deploying a 24/7 cybersecurity command center, national cyber agencies and international partners to defend the Games.
• Businesses can protect themselves by strengthening security awareness, hardening infrastructure and increasing vigilance.

Why global events like the Olympics attract cybercriminals

Every two years, the Olympics become the center of global attention — and that spotlight doesn’t just draw fans. It also attracts cybercriminals, hacktivists and nation‑state groups looking to exploit excitement, urgency and the massive digital footprint behind the Games.

Events like the Milano‑Cortina Olympics rely on sprawling networks: ticketing portals, broadcast platforms, transportation systems, athlete services, cloud applications, hotel systems, and vendor integrations. The sheer number of users and systems interacting across borders produces a target‑rich environment for attackers.

Cybercriminals take advantage of:

• Trust and urgency (perfect conditions for phishing)
• High‑value data (credentials, payment information, personal details)
• Distributed systems and third‑party vendors (weak links create openings)
• Large attack surfaces (venues spread across multiple regions)

And because the whole world is watching, even small disruptions make headlines — an appealing outcome for groups seeking attention or political leverage.

Real-world threats already targeting the 2026 Olympics

Italy has already confirmed multiple cyber incidents targeting Olympic‑linked infrastructure — and notably, many have been attributed to Russia‑aligned actors.

Russia‑linked cyberattacks

Italy’s Foreign Minister reported that authorities foiled a series of cyberattacks “of Russian origin” aimed at websites tied to the Winter Olympics, hotels in Cortina d’Ampezzo, and even foreign ministry facilities including the Italian embassy in Washington.

Pro‑Russian hacktivist group NoName057(16) claimed responsibility for these attacks, describing them as retaliation for Italy’s support of Ukraine. Their operations typically rely on DDoS attacks that disrupt availability of critical services such as hotel sites and government platforms.

These aren’t isolated incidents. Historically, Russian‑linked threat actors have targeted Olympic Games with sabotage, phishing campaigns and infrastructure disruption. Past examples include attacks during the 2018 PyeongChang Olympics and attempted sabotage ahead of the 2020 Tokyo Olympics.

Credential theft, scams and espionage

According to ZeroFox intelligence, attackers are already harvesting exposed credentials associated with Olympic‑related systems — prime setup for account takeovers, impersonation and follow‑on phishing campaigns.

Other threats appearing in the lead‑up include:

• Fake ticket websites and accommodation scams targeting fans and tourists.
• Phishing and spoofed domains impersonating Olympic communications, sponsors and travel providers.
• Nation‑state espionage targeting diplomats, executives and high‑value attendees.

This blend of crime, hacktivism and nation‑state operations makes the 2026 Milano‑Cortina Games one of the most complex Olympic threat environments to date.

How Italy is preparing to defend the games

Italy has mounted one of the most extensive cybersecurity operations ever seen for a sporting event.

A 24/7 cybersecurity command center

For the first time, Italy has launched a round‑the‑clock cybersecurity command center in Rome to monitor threats across all venues, coordinate digital defenses and respond rapidly to incidents.

This center works with:

• The National Cybersecurity Agency of Italy
• Law enforcement across Milan, Bolzano, Trento, and surrounding areas
• Private cybersecurity partners
• International organizations including Europol and Interpol for intelligence sharing

The coordinated, multi-agency model reflects lessons learned from the 2024 Paris Olympics and other recent Olympic Games.

Broader national security measures

Italy has deployed thousands of police and military personnel, along with drones, radar and counterterrorism teams, blending physical and digital security in anticipation of cyber‑linked disruptions.

How to protect your organization during global events

Even if you're nowhere near Italy, global events create ripple effects that increase phishing, fraud and cyberattacks worldwide. Here’s how organizations can stay protected:

Increase vigilance

Expect Olympic‑themed phishing attempts, fake alerts and impersonation attacks. Encourage users to be extra cautious with unsolicited emails, suspicious links or requests for credentials.

Strengthen security awareness training

Leverage an advanced security awareness training system to educate employees on:

• Recognizing Olympic‑themed phishing
• Avoiding fake livestream links or ticket scams
• Using multifactor authentication (MFA) across all accounts
• Verifying sources before clicking or sharing

Strengthen your overall cybersecurity

Global events often create noise attackers use to blend in. Businesses should:

• Enforce MFA and strong password hygiene
• Monitor for anomalous logins
• Patch known vulnerabilities promptly
• Use advanced email threat protection and URL filtering
• Deploy zero‑trust access controls where possible

Barracuda can help

The BarracudaONE AI-powered cybersecurity platform brings together multiple advanced capabilities to provide multilayered protection that can help safeguard your organization during high‑risk periods:

• Barracuda Email Protection to stop phishing, impersonation attacks and malicious URLs, as well as to deliver security awareness training
• Barracuda Network Protection to block DDoS attempts and secure distributed networks
• Barracuda Managed XDR for continuous monitoring and rapid response
• Barracuda Cloud-to-Cloud Backup to ensure rapid recovery of Microsoft 365 and Entra ID data in case of a successful attack

These tools work together to detect suspicious activity, filter out targeted attacks and protect your people, data and infrastructure.