This post is also available in:
עברית (Hebrew)
As the Eurovision Song Contest draws global attention, Swiss cybersecurity authorities have reported a series of distributed denial-of-service (DDoS) attacks aimed at local websites linked to the event. While the disruptions have thus far caused no operational impact to Eurovision itself, the Swiss National Cyber Security Centre (NCSC) warns that additional attacks are likely to follow.
The NCSC confirmed that the attacks began in the days leading up to the contest’s grand final, which is scheduled to occur tonight, May 17. These DDoS incidents, which involve flooding websites and online services with a surge of artificial traffic, are designed to overwhelm systems and render them temporarily inaccessible. According to Swiss officials, the incidents have remained within anticipated bounds and have not compromised any data or critical systems.
These attacks are typically used by threat actors to gain attention rather than to cause lasting harm. The NCSC characterized them as “a popular means for attackers to draw attention to themselves,” noting that such campaigns are generally easy to execute, do not result in data breaches, and rarely inflict permanent damage. Nevertheless, they can disrupt online visibility and services, particularly when timed with high-profile international events.
In response, Swiss authorities have issued warnings to infrastructure operators and organizations involved in Eurovision’s production, urging them to bolster their defensive postures and remain alert. While the attacks to date have been largely symbolic, the NCSC emphasized the importance of proactive mitigation to safeguard against potential escalations.
DDoS attacks often spike during major events, where attackers seek maximum exposure. Given the global spotlight on Eurovision, which brings together dozens of countries in an internationally televised competition, the timing is no coincidence. The NCSC anticipates that attempts to interfere will likely persist through the end of the event.
Organizations involved are encouraged to monitor traffic closely and coordinate with national cybersecurity teams should disruptions occur. While the technical impact remains limited, the strategic message is clear: high-profile events remain a tempting stage for digital provocations.
