Sporting events and venues are increasingly vulnerable to cyber-attacks, a new study from Microsoft has found.
The Microsoft Threat Intelligence State of Play report highlighted the growing opportunities for threat actors to target high-profile sporting events, “especially those in increasingly connected environments, introducing cyber risk for organizers, regional host facilities and attendees.”
Research has demonstrated rising attacks on high profile sports events and organizations in recent years. For example, a report from the UK’s National Cyber Security Centre (NCSC) in 2020 found that 70% of sports organizations experience at least one attack per year.
A Vast Digital Playing Field
Microsoft supported the cybersecurity of critical infrastructure at the 2022 FIFA World Cup in Qatar. During this event Microsoft observed attackers continually attempted to compromise connected systems through identity-based attacks, Justin Turner, Principal Group Manager, Microsoft Security Research, told Infosecurity.
“What we saw was consistent, with cyber-criminals being opportunistic and seeing where they can infiltrate and find gaps between a lot of connected systems, in the context of a large event. The cybercrime economy's sheer size and low barriers to entry make this kind of opportunism a significant risk to account for in planning and having layered defenses in place,” he said.
Numerous publicly reported sport-related cyber-attacks have taken place in the past five years, including:
- January 2018: Russian threat actors carried out a range of attacks designed to disrupt and discredit the Winter Olympics in Pyeongchang, South Korea
- November 2020: English Premier League football giants Manchester United experienced a “sophisticated” cyber-attack, suspected to be ransomware.
- April 2021: US National Basket Association (NBA) side Houston Rockets were targeted by ransomware attackers, who claimed to have stolen 500 gigabytes of Rockets’ data, including contracts, non-disclosure agreements, and financial data. Internal cyber-defenses were effective in limiting the spread of ransomware on the club’s systems.
- February 2022: US National Football League (NFL) club the San Francisco 49ers confirmed it was hit by a ransomware attack one day before the Sunday Super Bowl.
- March 2022: Personal data belonging to American Major League Baseball Players and their family members were reportedly stolen during a cyber-attack on a third-party vendor.
Sporting events face unique cybersecurity challenges due to the vast digital surface that needs to be protected – with a high level of cyber-physical convergence. This means there are a range of connected devices and interconnected networks that can be exploited, alongside known and unknown vulnerabilities across different venues and arenas.
Turner told Infosecurity: “What makes the sports landscape unique is that the IT assets and operations are so different, you have a lot of mobile devices across teams and staff, and a lot of connectivity across different stadiums, training facilities, hotels and other venues. And the nature of these connections is that they stand up and down as teams complete in seasons and tournaments.”
No tags.
