As the world turns its attention to the spectacle of the Milano-Cortina Winter Games, a less visible but equally intense competition is unfolding in the digital realm, where cybercriminals are preparing to exploit the event’s vast interconnected infrastructure. A recent assessment of the cyber risks facing the Games concludes that phishing and deceptive, spoofed websites remain the most prevalent initial entry points for cyberattacks targeting such global sporting events. This finding is strongly supported by historical data from past Olympics, which serve as a stark reminder of the persistent threats. For instance, pre-Games operations for the Tokyo 2021 event were targeted by Russian-linked groups attempting to cause disruption, while analysts observed significant spikes in Distributed Denial-of-Service (DDoS) activity and sophisticated phishing scams during the Paris 2024 Games. The extensive digital footprint of the Milano-Cortina Games, which includes ticketing, logistics, media broadcasting, and vendor management, presents a broad and attractive attack surface for a wide array of malicious actors.
A Multifaceted Threat Landscape
Further analysis reveals that the threat is not only persistent but also multifaceted, with attackers employing a variety of techniques tailored to their specific objectives. The report highlights that Business Email Compromise (BEC) has become a dominant tactic, constituting an alarming 76% of observed phishing campaigns. These attacks are particularly effective as they exploit the inherent trust between organizational staff, partners, and suppliers to manipulate individuals into making unauthorized fund transfers or revealing confidential data. Reinforcing this concern, one expert viewpoint suggests that the greatest risks stem not from undiscovered exploits but from the malicious use of legitimate applications, stolen identities, and established corporate processes. The threat actors targeting the Games are a diverse group with distinct motivations. Financially driven ransomware gangs focus on disrupting and extorting ticketing and payment systems, while nation-state groups concentrate on espionage. Meanwhile, hacktivists aim to cause chaos to attract publicity for their causes, ensuring that the defensive strategies must be as comprehensive and varied as the threats themselves.
Navigating the Digital Minefield
The expected recurrence of established attack vectors underscored the critical need for robust defensive postures and widespread security awareness. Analysis of past events made it clear that threat actors would continue to rely on proven methods, including credential harvesting through meticulously crafted phishing emails, the exploitation of known software and API vulnerabilities, the use of compromised credentials purchased from the dark web, and launching DDoS attacks against critical public-facing infrastructure like official ticketing websites. In response to this landscape, the guidance for both consumers and employees involved with the Games centered on constant vigilance and proactive security measures. It was strongly advised that all transactions, including the purchase of event tickets and official merchandise, be conducted exclusively through reputable, verified sources. This simple but effective step was identified as a key defense in preventing financial fraud and the theft of personal information, placing the power to thwart many of these schemes directly into the hands of the end-user.
