Winter Olympics: sports, medals, and cyberattacks
In the series Cracked by Jordens, we examine the cybersecurity of consumers and businesses.
Published on February 5, 2026
In this photo, a security officer at the Olympic Games in Paris shows which cyber attacks are currently taking place. The curved arrows point from East and West towards Paris.
Our DATA+ expert and Editor-in-Chief, Elcke Vels, explores AI, cyber security, and Dutch innovation. Her "What if..." column imagines bold scenarios beyond the norm.
The 2026 Winter Olympics are approaching. This means not only sports and medals, but also an increased risk of cyberattacks. Organizations involved in the games, such as suppliers and service providers, may be targeted. The report Cyber Threats to Milan‑Cortina 2026 contains a number of recommendations for parties involved to get their cyber security in order, from zero trust to the use of AI. In this article, we discuss a number of these with cybersecurity expert Patrick Jordens.
Patrick Jordens
Patrick Jordens (1969) is an entrepreneur with a passion for digital security. He is director of Trusted Third Party and founder of DMCC Group, which helps organizations comply with all external laws and regulations and internal policies in the field of privacy and consumer law. He is also a guest lecturer in marketing, data privacy, and ethics at Rotterdam University of Applied Sciences.
Who could be behind cyberattacks during the Winter Games?
“For actors who want to cause disruption, the Winter Games are the perfect opportunity. Often these are government-led actions from, for example, Russia or other countries that have an interest in causing disruption. In addition to disruption, it can also involve espionage or infiltration.”
What kind of organizations could be targeted?
“There are a huge number of organizations directly involved in the Winter Games, but don't forget the supply chain: smaller SMEs that are less well prepared. Every organization involved, large or small, could be a target. If you shut down the catering for an Olympic village, for example, it will immediately make the news.”
Can organizations do a lot in advance to reduce the risk?
"Absolutely. Just look at the NATO summit, where cyber threats also played a major role. Thinking things through carefully in advance and drawing up scenarios helps enormously. At the NATO summit, incidents were assessed in advance. Things did happen during the summit, but they could be quickly interpreted because they fit within the outlined scenarios. Concrete measures included, for example, preparing contingency plans for specific types of threats. Or geo-blocking: login attempts from certain countries were blocked by default, except through a formal exception.
Afterwards, the municipality of The Hague reported that they were able to block an attempt using stolen login details in this way.
The report makes a number of recommendations so that parties involved in the Games can prepare themselves. One of these is to apply zero trust. What does that mean?
Zero trust means you don't automatically trust anyone, even if they are already inside the network. In the past, security was seen as a castle: outside the walls there is danger, inside it is safe. That model no longer works. In practice, zero trust means that users are continuously monitored, devices are constantly revalidated, and access is as limited as possible. You only get what you need at that moment. Everything is logged and monitored. A good metaphor is an access badge in a building: it doesn't work for the entire building, but only for the room you need to be in at that moment. Zero trust is not a product you can just buy, but a design principle — both organizational and technical."
A second recommendation is: apply runtime security. Can you explain that?
“Runtime security looks at what happens while systems are running — live, in other words. Not in advance, but at the moment itself. It's about detecting abnormal behavior; an application that suddenly sends data abroad, or a process that becomes active at night when that never normally happens. You can compare it to an MOT test versus a police officer stopping you for swerving. The MOT is in advance, runtime security is intervening when something goes wrong."
A third recommendation from the report: use AI-driven detection. How does that work?
"The big advantage of AI is pattern recognition. AI can detect anomalies and connections that people often miss. Ten small signals together can form one big attack — and AI can notice that before anything really goes wrong. But beware: AI cannot make administrative decisions and does not take context into account. An example from my practice: I am in contact with a company whose director often has to log in from China. AI sees that traffic from China and raises the alarm, even though the organization knows that this is fine. AI cannot properly assess that context. So it is a tool, not a replacement for human control.