Italy Thwarts Russian Cyberattacks Targeting Winter Olympics and Diplomatic Facilities

ROME – Italy has successfully intercepted a series of sophisticated cyberattacks targeting critical national infrastructure, including diplomatic facilities abroad and websites associated with the upcoming Milano Cortina Winter Olympics. The thwarted attacks, which Italian authorities attribute to Russian origins, underscore the escalating digital threats against major international events and government entities. The announcement on Tuesday, February 4, 2026, by Foreign Minister Antonio Tajani, highlights a proactive cybersecurity posture by Italy in safeguarding both its sovereign interests and the integrity of the global sporting spectacle.

The disclosure comes as the Milano Cortina Winter Olympics are poised to commence, with the sports program beginning on February 4 and the official opening two days later. The incident reveals the persistent challenges faced by nations in the face of state-sponsored cyber aggression, particularly in the lead-up to high-profile international gatherings that offer significant platforms for disruption or espionage. Italy's National Cybersecurity Agency (ACN) and a dedicated police cybersecurity team have been on heightened alert, actively monitoring and mitigating potential threats to ensure the security and smooth operation of the Games.

Coordinated Digital Assaults and Attribution

The series of cyberattacks specifically targeted Italian foreign ministry facilities, notably an embassy located in Washington, D.C. Concurrently, websites linked to the Winter Olympics and several hotels in Cortina d'Ampezzo, a key host city for the Games, were also among the identified targets. Foreign Minister Antonio Tajani affirmed that these malicious activities were of Russian origin, a significant attribution that points to a state actor's involvement. This assertion aligns with a growing international consensus regarding Russia's recurrent engagement in cyber operations against Western interests and major global events.

The specific nature of the attacks, whether they were aimed at data exfiltration, service disruption, or reconnaissance, has not been fully detailed. However, the comprehensive targeting of both diplomatic and Olympic-related infrastructure suggests a multi-pronged approach potentially designed to sow discord, gather intelligence, or disrupt logistical and communication channels. Italian authorities have been vigilant, with a police cybersecurity team for the Games operational since January 26, specifically tasked with protecting critical infrastructure and monitoring networks for both public order and potential terrorist threats.

A History of Olympic Cyber Warfare

The attribution of these attacks to Russia is not without precedent. Russia has a well-documented history of engaging in cyber warfare targeting the Olympic Games, a pattern that underscores geopolitical tensions and retaliatory measures, particularly in response to its exclusion from international sporting events. One of the most infamous instances was the "Olympic Destroyer" attack during the 2018 Pyeongchang Winter Olympics. This sophisticated cyberattack targeted the entire IT infrastructure of the Games, causing widespread disruptions to Wi-Fi, jumbotron feeds, and ticketing systems, specifically timed to coincide with the opening ceremony.

In the Pyeongchang incident, Russian hackers, identified as the GRU's cyber unit, employed false-flag tactics, attempting to disguise their involvement by making the attacks appear as if they originated from North Korea or China. Beyond Pyeongchang, Russian military intelligence also conducted cyber reconnaissance against officials and organizations involved in the 2020 Tokyo Olympic and Paralympic Games (before their postponement), targeting organizers, logistics services, and sponsors. These historical patterns illustrate a sustained and strategic interest by Russian state-aligned actors in using cyber means to influence, disrupt, or retaliate against the Olympic movement. The exclusion of Russia from events like the Milan Cortina 2026 Winter Olympics carries significant symbolic weight, often preceding such cyber operations.

Italy's Proactive Cybersecurity Shield

Italy's successful thwarting of these recent attacks is a testament to its strengthened cybersecurity capabilities and proactive strategies. The National Cybersecurity Agency (ACN), established in 2021, views the Milano Cortina Games as its first major operational test. The agency has been diligently preparing for these challenges, with dozens of specialists monitoring criminal activity on the dark web and other forums for signs of impending attacks, such as stolen passwords or new malware. This "early warning" approach aims to detect hostile activity even before an intrusion attempt begins, allowing for immediate relay of information to technical teams at the venues.

Approximately 20 of ACN's 100 operational specialists are dedicated full-time to Olympic intelligence from Rome, maintaining continuous contact with teams deployed at various venues. An additional 10 senior experts are stationed at the Games' Technology Operations Centre in Milan, working in collaboration with Deloitte and event organizers. This integrated approach underscores a comprehensive effort to safeguard the technological infrastructure of the Games, which will be spread across multiple Alpine regions, thereby increasing the complexity of security efforts.

Furthermore, Italy gained valuable experience by supporting French authorities during the 2024 Paris Summer Olympics. That event saw over 140 cyber incidents, including 22 breaches of information systems, highlighting the immense difficulty in securing large-scale international events, even though no attacks disrupted competitions. Italy's experience there has informed its preparations, particularly in anticipating new threat vectors such as the use of artificial intelligence by attackers to accelerate operations and create more convincing phishing attempts.

Broader Implications for Global Events

The successful interception of these Russian-attributed cyberattacks by Italy sends a clear message about the growing vigilance and capabilities of nations to defend against digital aggression. However, it also serves as a stark reminder of the persistent and evolving threat landscape surrounding major global events. The Olympics, with their immense visibility and international participation, remain attractive targets for state-sponsored actors seeking to exert political influence, conduct espionage, or simply cause disruption on a global stage.

The ongoing cyber cat-and-mouse game necessitates continuous investment in cybersecurity infrastructure, intelligence sharing, and international cooperation. For future Olympic Games and other large-scale events, the focus will increasingly be on sophisticated early detection systems, resilient network architectures, and rapid response capabilities to counteract threats that are likely to become more complex, potentially leveraging advanced tools like artificial intelligence. The commitment demonstrated by Italy in protecting the Milano Cortina Winter Olympics sets a critical precedent for securing such events in an era defined by pervasive digital risks.