With the Winter Olympics now just over a week away, Italian authorities are on high alert, bracing for a potential wave of sophisticated cyberattacks that could target the prestigious global event. The Milano Cortina Games, scheduled from 6 to 22 February, represent a monumental security challenge for Italy's National Cybersecurity Agency (ACN), which views the occasion as its first major operational test since its establishment in 2021.
A Global Stage for Digital Threats
In a modern government facility in Rome, overlooking the historic Aurelian walls, dozens of cybersecurity specialists have spent the past year conducting intensive surveillance. Their mission involves meticulously monitoring criminal chatter across the dark web and other digital channels, forming a crucial component of Italy's comprehensive strategy to protect the Olympic Games from malicious interference.
"The Olympics are a truly global event," explained Gianluca Galasso, ACN's director of cyber operations and crisis management, during a rare tour of the agency's facilities. "We expect around three billion television viewers worldwide, plus another one and a half million spectators with tickets attending in person. That immense visibility inevitably attracts criminal interests. It becomes a stage where actors can make a political point, link an attack to a specific cause, or tie it to ongoing geopolitical tensions."
The AI Dimension Complicates Security Landscape
Officials anticipate that the Winter Games will attract a diverse array of threat actors, ranging from opportunistic cybercriminals to highly sophisticated, state-sponsored groups. The event's unique geographical spread across multiple Alpine regions introduces additional logistical and security complexities to an already intricate digital landscape.
Mr Galasso highlighted a particularly concerning new dimension to this year's threats: artificial intelligence. "Cyber phenomena keep growing for obvious technological reasons," he stated. "Now we have artificial intelligence entering the equation, and we fully expect attackers to deploy AI agents to support their cyber operations. This development suggests a heightened threat level, but we are preparing accordingly. At present, we don't see any specific, elevated risk, but we remain vigilant."
Italy previously provided cybersecurity support to French authorities during the 2024 Paris Summer Olympics, an event that experienced over 140 cyber incidents. While no attacks successfully disrupted competitions, the sheer volume of attempts underscored the significant difficulties inherent in securing large-scale international events. France's TGV high-speed rail network also faced physical sabotage attempts on the opening ceremony day, illustrating the multifaceted nature of modern security challenges.
Targeting High-Visibility Services
Among the most probable attack scenarios are disruptions targeting services with significant public visibility. These could include interrupting live streaming feeds, blocking official website access, or hindering ticket purchasing systems. "Attackers typically want something that generates media resonance," Mr Galasso noted, speaking before rows of analysts dressed in black attire, wearing headphones, and scrutinising screens for suspicious activity. Behind him, a vast display pulsed with graphics and maps tracking global cyber trends in real time.
ACN's defensive strategy is fundamentally predicated on early detection, aiming to identify hostile activity before intrusion attempts can materialise. Analysts continuously monitor the open web, criminal forums, and social media channels for emerging threats and evolving patterns. "Our most critical work happens before someone even attempts to enter a system," Mr Galasso affirmed. "We examine everything that moves within the criminal ecosystem to anticipate threats proactively."
Operational Deployment and Coordination
Approximately twenty of the agency's one hundred operational specialists will focus exclusively on Olympic-related intelligence from ACN headquarters in Rome, maintaining real-time communication with teams deployed directly at the competition venues. An additional ten senior experts will travel to Milan from 4 February to join the Technology Operations Centre (TOC), the central hub established to supervise and secure all the Games' technological systems.
At the TOC, ACN personnel will collaborate with nearly one hundred Deloitte specialists and approximately three hundred staff members from the local organising committee and various technology partners. This combined force will collectively oversee the extensive digital infrastructure spanning all Olympic venues, ensuring coordinated monitoring and rapid response capabilities.
Mr Galasso confirmed that ACN will continuously feed updated intelligence to technical teams as threats evolve throughout the event. "The ultimate goal remains constant: anticipate emerging threats and respond quickly and effectively whenever a specific risk becomes visible," he concluded, emphasising the agency's commitment to protecting both the integrity of the Games and the safety of participants and spectators alike.
