The 2026 Winter Olympics kick off on February 6th in Italy. This massive event, the focus of millions of sports fans both physically and digitally, will host hundreds of athletes and huge crowds in the host cities. Kaspersky experts have listed the critical threats that can arise at such large international events, regardless of location.
Event Spectators Targeted
The Olympics bring together thousands of people traveling to the host country. Physical spectators may encounter unpleasant surprises such as fake tickets spread by scammers. This could lead to sports fans having their bank accounts emptied or cryptocurrency wallet information stolen instead of entering the event venue. On the other hand, fans following the games online are exposed to the risk of fake live streams and fraudulent websites claiming to sell merchandise of their favorite athletes.
Another danger travelers may encounter is fake services or platforms that appear to offer cellular data plans but aim to steal personal/financial information. To protect against this kind of physical SIM card confusion and fraud risks, solutions like Kaspersky eSIM Store, which offers a secure connection, can be preferred.
Attacks on Urban Infrastructure
Threat actors, whether profit-driven or otherwise motivated, can target critical city infrastructure such as transportation, energy, communication networks, and especially vulnerable public Wi-Fi hotspots. According to a Kaspersky study conducted before the 2024 Paris Summer Olympics, approximately 25% of the nearly 25,000 free Wi-Fi hotspots examined across the city had weak or no encryption. This significantly increases the risk of users’ personal and banking data being stolen.
These types of attacks can be carried out through malware, network breaches, or manipulation of connected systems, threatening the continuity of city services. Comprehensive security solutions like Kaspersky Premium and the use of VPNs enhance the security of online activities by encrypting internet connections.
Ransomware Threats
Ransomware groups aiming for high profits see large organizations and their associated supply chain actors as attractive targets. Hotel networks, stadiums, official ticket sales platforms, and other digital resources associated with the event in the host city can be the focus of these attacks.
APT Attacks
Advanced Persistent Threat (APT) actors consider large international events strategic targets due to their global visibility and complex IT infrastructure. The Olympic Destroyer malware used at the 2018 PyeongChang Winter Olympics is a striking example of such an attack. The attack aimed to disrupt the event’s operation by spreading within the organizers’ network through compromised credentials.
Activism-Focused Attacks (Hacktivism)
Hacktivist groups may launch attacks against event-related organizations to achieve strategic goals and gain public visibility. Attacks such as data theft and leaks, the spread of misinformation, or the disabling of broadcast infrastructure and ticketing systems can directly affect both viewers and organizations.
Igor Kuznetsov, Director of Kaspersky’s Global Research and Analysis Team (GReAT), commented on the matter: “Large-scale events like the Olympic Games attract significant attention from cybercriminals. These threats have a wide reach, affecting everything from spectators and city infrastructure to athletes and the millions of people using digital services. The international scale and large audience make such events particularly attractive to sophisticated threat actors. Therefore, it is crucial that everyone involved is prepared for the risks.”