Tracking the Cyber Pucks at the Olympics
As one of my favorite times of four years is now underway, it comes as no surprise that the Winter Olympics have already had to contend with cyber threats. While Milan and Cortina play host, curling cheating scandals aren’t the only shady trends: Italian authorities at the National Cybersecurity Agency (ACN) have been working around the clock to stop attacks like a hundred goalies trying to block ten times as many pucks.
Such a high profile event is rife with opportunities for hackers to leave no curling stone unturned: from ransomware and social engineering after customer data, to ideologically-driven hacktivism, even state-backed cyber thieves seeking sensitive intelligence. Thousands of third-party suppliers, vendors, broadcasters, applications and other more critical services make these games into a tantalizing gold medal for bad actors, and necessitate highly complex defense strategies. No wonder that preparations for event security usually begin years in advance, out of necessity.
Prior even to the opening ceremony, hacking attempts were already made against Italian embassies, hotels and several Olympic venues. Several of these, according to Italy’s government, were Russian in origin. For cyber criminals seeking to steal the podium spotlight from medalists, “disrupting TV streaming services, ticketing platforms or other core digital services would guarantee immediate global attention.” Not to mention potential profits.
Spikes in cybercrime during the Olympics are nothing new. The 2018 games in South Korea had hackers take the official website offline and even interfere with the opening ceremony broadcast, while the 2024 Paris games were targeted by floods of distributed denial-of-service (DDoS) against their site as well, which lasted for hours.
There is a new rule in the game, however, as AI is now in play. On both sides, sophisticated AI tools are being deployed in a very unsportsmanlike cyber contest. Bad actors can exploit AI to bolster their phishing efforts, as well as sending deepfake impersonations of Olympic officials or launching disinformation campaigns.
Two can play the AI game, of course. We’ve spoken recently about the uses cyber defenders can find for AI-driven defense capabilities, such as enhanced pentesting tools that can identify patterns, anticipate attack vectors, and even simulate complex, multi-stage attack chains in a fraction of the time. And it should without saying, any personal data in the field during these games is encrypted, so that even when one slips past the goalie, the data inside remains protected.
With NetLib Security’s new release of our Encryptionizer WInter 2026, we recognize the critical need for strong encryption amidst a complex array of modern platforms, cloud infrastructure, and mission-critical legacy systems that still hold sensitive data and still represent risk. As explained by our CTO David Stonehill, “AI will continue to evolve. Attacks will become more convincing, more automated, and harder to detect. But encryption, properly implemented, remains one of the few controls that doesn’t rely on predicting attacker behavior.
It simply removes the payoff. And in an AI-driven threat landscape, reducing the payoff is how you change the game.”