Earlier this month, the world’s attention turned to Italy as Milan and Cortina d’Ampezzo hosted the Winter Olympic Games. Athletes were focused on fractions of a second, perfect execution, and years of preparation. Behind the scenes, however, another high-stakes competition was underway in cyberspace.  

Global events like the Olympics have always attracted cyber threat actors. But the Milan–Cortina Games arrived at a uniquely volatile moment. Geopolitical tensions involving major world powers, including the U.S., the European Union, Iran and China, continued to play out not just through diplomacy and conventional conflict, but through cyber operations, influence campaigns, and digital disruption. At the same time, generative AI has fundamentally changed the economics and effectiveness of cybercrime. And just weeks after the Olympic flame is extinguished, the world will turn its attention to another massive target, the 2026 FIFA World Cup in North America, which is also set to host the 2028 Summer Games.  

Taken together, this creates an extended, global season of opportunity for cyber adversaries.  

The Olympics are a uniquely attractive target because of their scale and complexity. The Games depend on a vast, temporary digital ecosystem. This includes broadcasters, streaming platforms, ticketing systems, transportation networks, hospitality providers, sponsors, security partners, and thousands of vendors and subcontractors. Every one of these connections expands the attack surface. And because the Olympics run for weeks under intense global scrutiny, even a small disruption can have an outsized impact.  

The geopolitical context only raises the stakes. We have already seen how cyber operations are used by state-aligned and state-tolerated groups connected to conflicts in the Middle East, Eastern Europe and Asia. Actors aligned with or operating from countries like Iran have demonstrated a willingness to use disruptive and destructive cyber campaigns to send political messages. China, meanwhile, remains one of the world’s most capable cyber powers, with well-documented interest in intelligence collection, surveillance, and strategic positioning around major global events. In this environment, the Olympics are not just a sporting event. They are a global stage.  

What makes 2026 different from any previous Games is the maturity and accessibility of AI-driven attack tools. Generative AI now allows criminals and influence operators to create highly convincing phishing emails, fake websites, cloned voices, and deepfake videos at a massive scale and very low cost. Social engineering attacks no longer need to be crude or generic. They can be personalized, localized, and timed to exploit the chaos and urgency that always surrounds an event of this size.  

It is not hard to imagine how this could play out. A gold medalist has their social media account hijacked and used to spread disinformation or politically charged messages. A regional transportation or hospitality provider supporting the Games is hit with ransomware during peak travel days. Or a fabricated audio or video clip of a world leader attending the Olympics circulates online, falsely suggesting diplomatic or military escalation. In a media environment that moves at the speed of social feeds, even a short-lived incident can cause real-world consequences.  

The most sophisticated adversaries are unlikely to attack the core systems directly. Those environments are heavily defended and closely monitored by international law enforcement and intelligence agencies. Instead, attackers will look for softer targets such as smaller vendors, local businesses, service providers, media partners, and even athletes and staff whose personal accounts and devices may not be well protected. These organizations and individuals are easier to compromise and can still be used as powerful leverage points for disruption, extortion, or influence operations.  

And the Olympics are only part of the picture. The 2026 World Cup, hosted across the United States, Canada, and Mexico, follows shortly and creates another enormous, globally visible digital attack surface. From an adversary’s perspective, this is not two separate events. It is one long window of opportunity to probe, test, refine, and reuse the same techniques across multiple targets.  

The good news is that much of this risk is manageable with the right preparation and discipline.  

For athletes, staff, and anyone associated with these events, the basics matter more than ever. This includes strong, unique passwords, multi-factor authentication, device security, and extreme caution with unexpected messages or requests, even when they appear to come from official sources.  

For businesses and organizations supporting events, the priorities are just as clear. They should have 24×7 security monitoring, tested incident response plans, security awareness training focused on social engineering and AI-driven scams, and a hard look at supply chain and third-party risk.  

The Milan–Cortina Olympics should be remembered for athletic excellence, not digital chaos. But in a world where cyber threats are increasingly shaped by geopolitics and supercharged by AI, hope is not a strategy. In 2026, cybersecurity is no longer just an IT issue. It is a core part of operational resilience, reputational trust, and the safe execution of the world’s biggest events.