Threat Intelligence DDoS attacks surge during Milano Cortina 2026 Winter Games May 8, 2026 Share By SC Staff (Adobe Stock Images) As reported by CSO Online, the Milano Cortina 2026 Winter Games experienced a significant surge in distributed denial-of-service (DDoS) attacks, with Italian infrastructure facing a 181% increase in attack volume compared to the previous year. Attackers leveraged the event's calendar, escalating their activities in the weeks leading up to and immediately following the games. During the Winter Games period, from February 6 to February 23, 2026, attack volumes were six to 10 times higher than historical levels, peaking at over 2,200 attacks on February 23. The hacktivist group NoName057(16) claimed responsibility for a significant portion of these attacks. Attackers employed a tactical shift from high-bandwidth attacks before the games to high-throughput attacks during the event, primarily utilizing UDP flooding, which was present in 85% of attacks. Targets were concentrated in Milan and Cortina, including hotels, ski sites, consulates, and defense facilities. The DDoSia platform, associated with NoName057(16), and the Aisuru IoT botnet were identified as key tools used in these campaigns. This event highlights how major international gatherings can become predictable windows for coordinated cyber threat activity, significantly elevating the DDoS threat landscape. Source: CSO Online SC Staff Related Security Operations Fragmented DDoS campaign bypasses defenses with novel ‘low and slow’ approach SC Staff May 8, 2026 The attack, identified by DataDome's Galileo threat research team, utilized a vast infrastructure, distributing traffic across over 1.2 million unique IP addresses and 16,402 distinct Autonomous Systems (ASNs). Security Operations CISA urges critical infrastructure to plan for prolonged service delivery during emergencies SC Staff May 8, 2026 CISA is warning that state-sponsored hackers, specifically Chinese groups known as Salt Typhoon and Volt Typhoon, pose a continuous threat to vital sectors such as electricity, water, and internet services. Malware New Quasar Linux implant targets developers with rootkit and backdoor capabilities SC Staff May 8, 2026 QLNX is designed for stealth and long-term persistence, operating in-memory and employing multiple techniques to evade detection, including log wiping, process spoofing, and the use of seven distinct persistence mechanisms. Related Events Cybercast Better Threat Intelligence Between Public and Private Sectors On-Demand Event Virtual Conference Nationwide Cybersecurity Summit 2025: Safeguarding America’s Digital Future On-Demand Event Virtual Conference Securing the Future of Finance: Strategies to Counter Modern Cyber Threats On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Account Harvesting Backdoor Deauthentication Attack Defacement Denial of Service Distributed Scans DumpSec Hybrid Attack Password Cracking Reconnaissance You can skip this ad in 5 seconds