Nistha Kumari Singh is a Ph.D. Research Scholar and Dr. TMA Pai Fellow at the Department of Geopolitics and International Relations, Manipal Institute of Social Sciences, Humanities and Arts, Manipal Academy of Higher Education (Institution of Eminence), Manipal.
In the realm of international sports, geopolitical tensions and cybersecurity are inextricably linked. A Major Sporting Event (MSE) is a large-scale international competition that attracts billions of global audiences, significantly impacts the economy, involves extensive logistics, and holds great political and cultural significance for enhancing a nation’s global image. The reliance on the interconnected system makes MSEs vulnerable to disruptions. MSEs are a natural blend of geopolitical happenings and spectacles coupled with technological advances that have played an important role on advancing safety and security during large events. For instance, the 2025 Ninth Asian Winter Games, held in Beijing, and the China National Computer Virus Emergency Response Centre (CVERC) reported 170,864 cyberattacks on the event’s information network, highlighting geopolitical tensions beyond mere technical breaches. It has been a similar case with several other major events such as the Olympics where such arrangements were required.
In the escalating cybersecurity risks surrounding MSEs as extensions of geopolitical contestation, an investigation released on April 3, 2025, attributed 60 percent of these attacks to the United States, leading authorities to block 12,602 suspicious IP addresses and share the findings with national security agencies. Further raising concerns, a January 2025 report by China’s National Computer Network Emergency Response Technical (CN-CERT) suggested that US operatives allegedly routed attacks through European cloud hosting services, using deception tactics to mask their origin.
MSEs are widely recognised as soft power platforms in the digital age through which nations project diplomatic stature, cultural pride and technological competence. The 2025 Asian Winter Games illustrates this dynamic, with China showcasing regional influence by hosting leaders from Brunei, Pakistan, Thailand, and South Korea, demonstrated China’s growing regional influence across Central Asia, ASEAN, South Asia, and the Korean Peninsula. However, cyberattacks against MSEs nonetheless carry less symbolic weight due to temporary disruptions, while China framed these cyber intrusions during these games not merely as technical breach, but deliberate act to undermine its image as technologically advanced host. This does not necessarily amount to a threat to image in a direct or proven sense. However, it also contrasts with longer-term reputational cases seen for instances like Russia’s exclusion from international sport due to geopolitical disputes.
Due to their global appeals and significant economic, security and geopolitical consequences of boycotts and bans, MSEs transcend mere sports, gaining prominence through their high visibility and complex IT systems. A report by the National Cyber Security Centre (NCSC) highlights that MSEs stimulate economic growth, with the UK, for instance, benefiting € 37 billion from the sports sector. According to NCSC report,
“At least 70 per cent of the sports organisations we surveyed experienced at least one cyber incident or harmful cyber activity. This compares to 32 per cent across general UK business. The average cost was more than £10,000 per incident. Beyond direct financial costs, 41 per cent of breaches or attacks resulted in new measures being put in place to prevent further incidents.” (National Cyber Security Centre, 2020, p. 1)
The report shows the vulnerability of MSEs despite its high economic and diplomatic significance. For example, 2022 FIFA World Cup in Qatar featured an AI-driven cooling system and a 5G-enabled stadium. Technology plays a dual application in sporting events driven by innovations, like Smart stadium, biometric security, VR fan. These advancements show how technology in MSEs serves as a dual purpose: enhancing experience and security, while also introducing new risks without adequate cybersecurity safeguards. However, it is important to distinguish between different scales of cyber threats, some attacks are symbolic or minor disruptive (DDoS or Spamming), other attacks directly may affect core system like disabling lighting system in evening match, disrupting live broadcast feeds, has greater risks to athlete safety, audience trust and host’s nation reputation. While lower-level attacks can be contained or rescheduled with less reputational fallout. This differentiation shows the need to assess cyber risks not only in terms of frequency, but also in term functional and reputational impact. .
Digital Evolution of MSEs
MSEs often serve as important arenas for showcasing cutting-edge technology, ranging from ticketing systems to AI-driven logistics. Once dependent solely on physical capabilities, MSEs now rely heavily on a combination of integrated systems (such as power, cooling, and transport) and digital systems (including ticketing platforms, broadcasting), raising the stakes higher than ever. The initial digitalisation vulnerabilities against MSEs can be traced back to the 2004 Athens Olympics, where vulnerabilities in critical management and public information diffusion systems, with reports of attempted breaches targeting ticketing networks were vulnerable to exploitation, While disruption were contained, Athens highlighted the emerging risks and motivated the prioritisation of cybersecurity at subsequent Olympic events. By the 2008 Beijing Games, attackers had escalated their tactics, creating dummy websites to sell fake tickets. However, it was the 2012 London Olympics that marked a turning point, as organisers implemented dedicated cybersecurity measures to counter rising cyber threats.
According to a report by France-based cybersecurity firm Stormshield, cyberattacks targeting MSEs increased twenty-fold between 2012 and 2022, reflecting their growing appeal as high-value targets. The 2016 Rio de Janeiro Olympics experienced over 400 distributed denial-of-service (DDoS) attacks on its IT infrastructure. Two years later, the 2018 PyeongChang Winter Games suffered Wi-Fi network breaches that disrupted ticketing, the broadcast system, and sensor controls.
State-sponsored entities have increasingly utilised MSEs as tools for geopolitical objectives. During the 2018 Winter Olympics in South Korea, North Korea’s Lazarus Group and China-linked APT3/APT10 hacking group infiltrated Wi-Fi systems to disrupt operations. By 2022, the FIFA World Cup in Qatar experienced a tarnished global reputation due to phishing attacks that interfered with broadcasting and ticketing systems. The threat level escalated at the 2024 Paris Olympics, which faced AI-based disinformation, DDoS surges, Wi-Fi hijacking, and man-in-the-middle (MITM) attacks, as also shown in Table 1. For the host country, technological failures aren’t just operational hiccups; they are geopolitical liabilities.
Table 1: List of Cyberattacks against Major Sporting Events (MSE)
| Year | Event (Host Country) | Target | Types of Cyberattack |
| 2012 | Olympic (London) | Ticketing system and Live broadcast | DDoS attack on power infrastructure, APT28 and APT29 to gather intelligence |
| 2014 | FIFA World Cup (Brazil) | Counterfeit Ticket impacted a $118 billion investment | DDoS attack |
| 2016 | Rio Summer Olympics | Compromise the World Anti-Doping Agency database | Phishing attack, Ransomware |
| 2018 | Pyeongchang Winter Olympics; June, FIFA World Cup (Russia) | Disable Wi-Fi, internet access, and Websites | “Olympic Destroyer” Malware |
| 2021 | Olympic (Tokyo) | Personal Data Leak | More than 450 million cyberattacks are faced through malware and email phishing |
| 2022 | Olympic (Beijing) FIFA World Cup (Qatar) | Streaming Services of Live TV were attacked | Spyware in the official COVID app DDoS attack, Ransomware |
| 2024 | Paris Olympics Euro 2024 Cup (Germany) | Wi-Fi/5G interception, ATM fraud, and Fake ticket scams | DDoS, Ransomware, sabotage in boarding, timing system, and hotel security; phishing; disinformation campaigns |
Source: Compiled by the author from various sources
The Double-Edged Role of Technology in MSEs
From AI-powered stadiums to the spread of disinformation through deepfakes, MSEs showcase technology’s ability to both dazzle and destabilise, often simultaneously. The timeline of attacks shows increasingly sophisticated tactics: AI-generated disinformation, such as Paris 2024’s fake news crisis, and social engineering techniques designed to manipulate fan emotions, while automated malware and identity theft take advantage of systemic vulnerabilities. These threats extend beyond infrastructure, affecting athletes’ biometric data, fans’ personal information, and even national security, as highlighted by concern over cyber threats related to the 2024 Paris Olympics in the World Economic Forum’s 2024 Cybersecurity Outlook.
According to the 2024 Global Cybersecurity Outlook report by the World Economic Forum, 55.9 per cent of industry executives agree that generative AI disproportionately empowers attackers, enabling realistic phishing, rapid malware development, and scalable disinformation. Conversely, cybersecurity specialists suggest that AI-based threat detection systems could reduce risk by identifying disruption in real-time, minimising defence delay.
Cyberattacks on MSEs have shifted from financially motivated cybercrime to state-sponsored campaigns, hacktivist sabotage, and cyberterrorism aimed at destabilising host nations, promoting ideological agendas, or amplifying militant messages. This reflects MSE’s role in geopolitical strategies, where attackers exploit global visibility to maximise disruption.
Attribution remains a critical challenge. State-sponsored actors systematically hide their origin through deceptive techniques, such as routing attacks via third-country infrastructure. For instance, China’s CN-CERT accused US operatives of masking operations behind European cloud servers, while the 2018 PyeongChang Winter Games saw a Chinese state-sponsored hacking group mimic Russian Notpetya to evade accountability, complicating the diplomatic responses with such anonymity strategies in cyberspace.
MSE’s inherent vulnerabilities further encourage attacks. Unlike static institutions, events like the Olympics, Paralympics, and FIFA World Cup are transitory, brand-driven, and require a unique cybersecurity framework for each event. As Karim Benslimane, Director of Cyber Intelligence, points out, learning from past cyberattacks in MSEs is often insufficient against evolving threats, which adapt, improve, and strike at unusual scales and speeds. This temporary nature, combined with pressure to deliver vast global spectacles, forces managers and victims into a reactive posture, a weakness that attackers exploit ruthlessly.
A United Nations report titled “Security of Major Sporting Events” stresses the importance of holistic defence strategies, advocating for collaboration among governments and involving all stakeholders, including law enforcement, private contractors, sports organisation, and venue operators. Proactive measures such as public awareness about cyber hygiene and AI-enabled monitoring systems for real-time threat detection are critical for mitigating risks. The interconnected nature of cyber threats demands international cooperation, an intelligence-sharing framework, and standardised protocols.
In conclusion, the integration of advanced technology, including Wi-Fi networks, sensor-driven infrastructure, broadcasting systems, ticketing platforms, and biometric sensors, into MSEs fuels both spectacles and surveillance. MSE becomes the battleground for trust in the digital age, where the broader ethical debate of data governance is a sensitive issue. The event needs extra preparedness to mitigate the cyberattack, including a test run for cybersecurity and a need for a hybrid security approach integrating physical security with an AI-based crowd monitoring system. A unified global response, rather than isolated efforts, will determine the resilience of future sporting events. MSES are currently hinging on trust in technology, and the host country will only emerge victorious if it harmonises technology, diplomacy and global trust.
Disclaimer: The views expressed in the article are personal.
