Major Sporting Events Are Open Targets

Uploaded on 2023-08-23 in NEWS-Cybersecurity News, FREE TO VIEW

A new study of sporting has found that events, organisations and venues are increasingly vulnerable to cyber attacks.

The Microsoft Threat Intelligence State of Play report highlights the growing opportunities for threat actors to target high-profile sporting events, “especially those in increasingly connected environments, introducing cyber risk for organisers, regional host facilities and attendees.”

Sporting events face unique cyber security challenges due to the vast digital surface that needs to be protected. This is because there are a range of connected devices and interconnected networks that can be exploited, alongside known and unknown vulnerabilities across different venues and arenas. This is further complicated by the numerous parties managing the various systems, such as corporate sponsors, municipal authorities and third-party contractors.

According to Microsoft, “Threat actors go where the targets are, capitalising on opportunities to launch targeted or widespread, opportunistic attacks. This extends into high-profile sporting events, especially those in increasingly connected environments, introducing cyber risk for organisers, regional host facilities, and attendees." Justin Turner, Principal Group Manager, Microsoft Security Research commented "Cyber security threats to large events and venues are diverse and complex. They require constant vigilance and collaboration among stakeholders to prevent and mitigate escalation."

Indeed, research has demonstrated rising attacks on high profile sports events and organisations in recent years with increasing cyber threats against stadium operations and sports teams prompting network scanning and the deactivation of unneeded device ports, as well as proper IT and OT system segmentation.

Goods vendors involved in live sports events have been urged to ensure the protection of their point-of-sale devices, while attendees have been encouraged to avoid public Wi-Fi usage for accessing sensitive information and scanning of untrusted QR codes.

Another report from the UK’s National Cyber Security Centre, (NCSC) in 2020, found that 70% of sports organisations experience at least one attack per year. “Cyber attacks against sports organisations are very common, with 70% of those surveyed experiencing at least one attack per annum. This is significantly higher than the average across UK business." the NCSC says.

Microsoft was involved in supporting the cybersecurity of critical infrastructure at the 2022 FIFA World Cup in Qatar. During this event Microsoft observed attackers continually attempted to compromise connected systems through identity-based attacks.

With the global sports market valued at more than USD600 billion, sports teams, major league and global sporting associations, and attendees house a trove of valuable information desirable to cyber criminals. Professional sports organisations need to partner with reputable cyber security firms to continuously monitor network traffic, detect potential threats in real time, and respond swiftly to any security incidents. 

By adopting these proactive measures, sports associations, teams, and venues can significantly enhance their resilience against cyber attacks and protect both their own infrastructure and the sensitive information of their patrons.

Microsoft:      Microsoft:    NCSC   Infosecurity Magazine:   SC Magazine:      News9:       Image: Hmamar

You Might Also Read: 

NCSC Come Off Bench To Help  Manchester United:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Generative AI Could Replace The Internet
Identifying & Analysing Emerging Cloud Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CoSoSys Endpoint Protector

CoSoSys Endpoint Protector

Endpoint Protector by CoSoSys is an advanced all-in-one DLP solution for Windows, macOS, and Linux, that puts an end to unintentional data leaks and protects from malicious data theft.

Waterfall Security Solutions

Waterfall Security Solutions

Waterfall Security is focused on protecting critical infrastructure and industrial control systems from remote online cyber attacks,

Allgress

Allgress

Allgress solutions converge disparate risk silos across enterprise networks and automate governance, risk and compliance management processes.

BitSight Technologies

BitSight Technologies

BitSight transforms how companies manage information security risk with objective, verifiable and actionable Security Ratings.

NPCore

NPCore

NPCore is specialized in defense solution against unknown APT and Ransomware and provides two-level defense on network and endpoint based on behavior.

SOOHO

SOOHO

SOOHO helps to detect security vulnerabilities earlier. Our blockchain security platform audits from smart contracts to on-chain transactions.

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

C-MRiC collaborates on initiatives, ranging from national cyber security, enterprise security, information assurance, protection strategy, climate control to health and life sciences.

iHLS Startups Accelerator

iHLS Startups Accelerator

iHLS Accelerator is the first startup accelerator in the world in the security and homeland security field.

Center for Education & Research in Information Assurance & Security (CERIAS)

Center for Education & Research in Information Assurance & Security (CERIAS)

CERIAS is one of the world’s leading centers for research and education in areas of information and cyber security.

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance is a global, non-profit industry association which is working to enable a secure connected future.

SightGain

SightGain

SightGain is the only integrated risk management solution focused on cybersecurity readiness using real-world attack simulations in your live environment.

CyberNet Albania

CyberNet Albania

Cybernet Albania has been providing IT support and services to small businesses since 2016. We strive to eliminate your IT issues before they cause downtime and impact your operations.

CyNam

CyNam

CyNam is a platform for enabling the growth and development of people and organisations within Cheltenham’s flourishing cyber technology ecosystem.

HEQA Security

HEQA Security

HEQA Security (formerly QuantLR) offer the world’s most cost-effective, easy-to-integrate, and secure Quantum Key Distribution (QKD) solution

DeviQA

DeviQA

DeviQA provide best-in-class quality assurance services to companies of all sizes.

SPIE Switzerland

SPIE Switzerland

SPIE Switzerland AG, a subsidiary of the SPIE Group, is a Swiss full-service provider of ICT, multi-technical and integral facility services.