Cyber resilience during major events and international conferences

01.06.2026 - Large-scale events and international conferences are often used as an opportunity to stage a cyberattack. The National Cyber Security Centre (NCSC) therefore expects disruptive maneuvers in cyberspace again in the context of the G7 summit, organised by France, which will take place from 15 to 17 June 2026 in Évian. In order to minimise cyber risks for organisations involved in such events, it is important to have broad-based protective measures in place. The NCSC has published recommendations on such protective measures.

Major events and international conferences, such as the the G7 summit hosted by France in Évian in mid-June 2026, not only attract public attention, they also change the cyber threat landscape. There is a high probability that cybercriminals, hacktivists and other actors will use such events for cyber attacks or that participants and their organisations will become the target of such attacks. While the motivation and aims of the perpetrators of cyberattacks may differ, the basic protection measures required remain the same. A large number of potential cyber incidents can be prevented when these are in place.

While the motives and objectives of cyberattackers may differ, the core protective measures remain the same as in normal circumstances. Consistently applying these measures can prevent a wide range of cyber incidents. The NCSC recommends following them at all times – regardless of the current threat level – and reporting any suspicious activity using the NCSC online reporting form.

The NCSC is working closely with the organisations involved in staging the G7 summit. It has raised awareness among them and among operators of critical infrastructure in Switzerland, and has issued recommendations to help minimise risk.

The NCSC anticipates that there will be disruptive cyberoperations during the G7 summit, particularly distributed denial-of-service (DDoS) attacks targeting Swiss organisations. These attacks aim to flood websites and online services with traffic, rendering them partially or completely inaccessible. No data is lost in a DDoS attack. Such attacks are often linked to politically or ideologically motivated actors (hacktivists) seeking visibility and media attention or aiming to unsettle the public.

The NCSC has drawn up a summary of recommended measures to be applied in the context of particularly exposed events:

The perpetrators of such attacks on the availability of websites and services usually want to generate media attention in order to spread their ideology. The NCSC is asking journalists to bear this in mind when writing their articles, so that the attackers receive as little attention as possible.