ROME, Jan 28 (Reuters) – Inside a modern government building facing the third‑century Aurelian walls in Rome, dozens of specialists have spent the past year monitoring criminal chatter on the dark web as part of Italy's push to shield the Winter Olympics from cyberattacks. The National Cybersecurity Agency (ACN), created in 2021, sees next month's Milano Cortina Games as its first real test. With the Olympics drawing global attention, officials say the event is a magnet for threat actors ranging from petty cybercriminals to sophisticated, state‑linked groups. The Winter Games, scheduled for February 6–22, will be held for the first time across multiple Alpine regions, adding logistical and security complications to an already complex digital environment. "The Olympics are a global event. We expect around three billion viewers and another one and a half million spectators with tickets," Gianluca Galasso, ACN's director of cyber operations and crisis management, told Reuters during a rare tour of the agency's operations rooms. "That visibility can attract criminal interests. It becomes a stage where actors can make a point, link an attack to a cause, or tie it to current geopolitical tensions." AI ADDS A FRESH TWIST Italy supported French authorities during the 2024 Paris Summer Olympics, when more than 140 cyber incidents were recorded, including 22 breaches that gave attackers access to information systems. No attacks disrupted competitions, but the volume underscored the difficulty of securing large‑scale international events. France's TGV high-speed rail network was also targeted in a series of physical sabotage attacks using explosive devices on the day of the opening ceremony. Galasso said Italy expects similar threats this year, with an added layer: artificial intelligence. "Cyber phenomena keep growing for obvious reasons. Now there's artificial intelligence, and we expect attackers to use AI agents to support cyber operations," he said. "We anticipate a heightened threat level, but we are prepared. At the moment we don't see any specific, elevated risk." 'ATTACKERS WANT MEDIA RESONANCE' Among the most likely scenarios, he said, are disruptions targeting services with high public visibility — from interrupting streaming feeds to blocking access to websites or hindering ticket purchases. "Attackers want something that has media resonance," Galasso said, speaking in front of rows of desks where black‑clad analysts sat, headphones on, scanning their screens for suspicious activity. Behind him, a wall‑sized display pulsed with graphics and maps tracking global cyber trends. ACN's approach is built around early detection, identifying hostile activity before an intrusion attempt takes shape. Analysts monitor the open web, criminal forums and social channels, looking for patterns and emerging threats. "Our work happens before someone tries to enter a system," he said. "We look at everything that moves in the criminal ecosystem to anticipate the threat." Around 20 of the agency's roughly 100 operational specialists will work exclusively on Olympic‑related intelligence from ACN headquarters in Rome, maintaining real‑time contact with teams deployed at the venues. Another 10 senior experts will be sent to Milan from February 4 to join the Technology Operations Centre (TOC), the hub set up to supervise and secure all the Games' technological systems. They will operate alongside nearly 100 Deloitte specialists and some 300 staff from the local organising committee and technology partners, who together will oversee digital infrastructure across all venues. Galasso said ACN will continue feeding intelligence to the technical teams as threats develop. "The goal is always the same: anticipate threats and respond quickly and effectively whenever a specific risk becomes visible," he said. (Reporting by Giselda VagnoniEditing by Keith Weir)
(The article has been published through a syndicated feed. Except for the headline, the content has been published verbatim. Liability lies with original publisher.)
