Cybersecurity firm Palo Alto Networks has released a report analyzing potential cyber threats to the Paris 2024 Olympic Games and the risks those threats pose to athletes, organizers, and spectators. The report makes clear that not all parties involved in the Games will have good intentions.
According to Palo Alto Networks, the world’s largest sporting event faces significant IT security challenges that could affect both participants on site and remote viewers. The report warns that attackers will seek opportunities across the event’s broad digital ecosystem rather than focusing solely on disrupting the competitions themselves.
“Major international events like the Olympics are frequent targets for cybercriminals,” says Åsa Edner, head of Palo Alto Networks Sweden. “Threat actors may try to deceive excited fans with fake offers and phishing emails or attract attention by launching disruptive attacks such as distributed denial-of-service. While the Games themselves are an obvious target, organizations that support the event—broadcasters, ticketing platforms, payment providers and logistics partners—are likely to face the greatest risk.”
The report concludes that a direct ransomware assault on the Olympics’ core operations is unlikely. More probable are indirect attacks aimed at companies and services that make the Games possible—particularly streaming platforms that broadcast competitions. Such incidents could have wide-ranging consequences for organizers, athletes, in-person spectators and remote audiences alike.
The Olympics are an obvious target, and the report highlights the likelihood that pro-Russian hacktivists and state-sponsored actors could try to influence or disrupt the event. Financially motivated attacks are also expected—fake ticket scams are a classic example, where opportunistic criminals exploit the Games’ popularity to trick fans. At the same time, the report stresses that state-backed groups, particularly those aligned with Russia, may seek to exploit the Games’ profile to cause harm or generate political impact.
“Financially motivated crime represents the largest single threat,” Edner explains. “Cybercriminals will try to exploit Olympic branding to sell counterfeit tickets or fraudulent services. But there is also a substantial risk from hostile, state-backed groups. Over the past two years we have seen increased collaboration between hacktivist groups and state-supported Russian actors, blurring the line between activism and state-directed operations.”
The report expects that Russian state-affiliated actors will attempt disruptive campaigns, while pro-Russian hacktivists—who may lack advanced capabilities—could rely on simpler tactics such as DDoS attacks. Those attacks can cause major service interruptions or shutdowns of critical systems, potentially impacting air traffic to and from Paris, payment processing, or the official event apps and websites.
Most expected incidents will primarily target infrastructure in France, but Swedish companies and citizens involved with or attending the Games should also remain vigilant. Any organization connected to the Olympic ecosystem can become a vector for broader disruption or data theft.
“Swedish firms participating in the event must prepare for elevated cybersecurity pressure,” Edner advises. “Prioritize security across the entire event lifecycle, monitor networks and services closely for anomalies, and implement strong authentication such as multi-factor login wherever possible. Training staff to recognize phishing and fraudulent communications is equally important to reduce the risk of human error.”
In short, the report underscores that the digital perimeter surrounding the Paris Olympics will be as important as physical security. Organizers, partners and visitors alike should treat cybersecurity as a core element of event planning and response preparation.