Major Sporting Events Are Open Targets

Uploaded on 2023-08-23 in NEWS-News Analysis, FREE TO VIEW

A new study of sporting has found that events, organisations and venues are increasingly vulnerable to cyber attacks.

The Microsoft Threat Intelligence State of Play report highlights the growing opportunities for threat actors to target high-profile sporting events, “especially those in increasingly connected environments, introducing cyber risk for organisers, regional host facilities and attendees.”

Sporting events face unique cyber security challenges due to the vast digital surface that needs to be protected. This is because there are a range of connected devices and interconnected networks that can be exploited, alongside known and unknown vulnerabilities across different venues and arenas. This is further complicated by the numerous parties managing the various systems, such as corporate sponsors, municipal authorities and third-party contractors.

According to Microsoft, “Threat actors go where the targets are, capitalising on opportunities to launch targeted or widespread, opportunistic attacks. This extends into high-profile sporting events, especially those in increasingly connected environments, introducing cyber risk for organisers, regional host facilities, and attendees." Justin Turner, Principal Group Manager, Microsoft Security Research commented "Cyber security threats to large events and venues are diverse and complex. They require constant vigilance and collaboration among stakeholders to prevent and mitigate escalation."

Indeed, research has demonstrated rising attacks on high profile sports events and organisations in recent years with increasing cyber threats against stadium operations and sports teams prompting network scanning and the deactivation of unneeded device ports, as well as proper IT and OT system segmentation.

Goods vendors involved in live sports events have been urged to ensure the protection of their point-of-sale devices, while attendees have been encouraged to avoid public Wi-Fi usage for accessing sensitive information and scanning of untrusted QR codes.

Another report from the UK’s National Cyber Security Centre, (NCSC) in 2020, found that 70% of sports organisations experience at least one attack per year. “Cyber attacks against sports organisations are very common, with 70% of those surveyed experiencing at least one attack per annum. This is significantly higher than the average across UK business." the NCSC says.

Microsoft was involved in supporting the cybersecurity of critical infrastructure at the 2022 FIFA World Cup in Qatar. During this event Microsoft observed attackers continually attempted to compromise connected systems through identity-based attacks.

With the global sports market valued at more than USD600 billion, sports teams, major league and global sporting associations, and attendees house a trove of valuable information desirable to cyber criminals. Professional sports organisations need to partner with reputable cyber security firms to continuously monitor network traffic, detect potential threats in real time, and respond swiftly to any security incidents. 

By adopting these proactive measures, sports associations, teams, and venues can significantly enhance their resilience against cyber attacks and protect both their own infrastructure and the sensitive information of their patrons.

Microsoft:      Microsoft:    NCSC   Infosecurity Magazine:   SC Magazine:      News9:       Image: Hmamar

You Might Also Read: 

NCSC Come Off Bench To Help  Manchester United:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Generative AI Could Replace The Internet
Identifying & Analysing Emerging Cloud Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

National Cyber Directorate Israel

National Cyber Directorate Israel

The Israeli National Cyber Directorate provides incident handling services for civilian entities and critical infrastructures and works to increase national resilience against cyber threats.

NextLabs

NextLabs

NextLabs provides data-centric security software to protect business-critical data and applications.

Centripetal Networks

Centripetal Networks

Centripetal Networks was founded with one vision - to protect networks from advanced threats by simplifying intelligence-driven security.

Global Learning Systems (GLS)

Global Learning Systems (GLS)

Global Learning Systems provides security awareness and compliance training programs for employees that effectively promote behavior change and protect your organization.

Skkynet Cloud Systems

Skkynet Cloud Systems

Skkynet is a leader in real-time data systems for the secure management and control of industrial processes (SCADA) and embedded devices (M2M).

Proact IT Group

Proact IT Group

Proact is Europe's leading independent data centre and Cloud services enabler. We deliver flexible, accessible and secure IT solutions and services.

US Secret Service

US Secret Service

The US Secret Service has a pivotal role in securing the nation’s critical infrastructures, specifically in the areas of cyber, banking and finance.

Logic Supply

Logic Supply

Logic Supply is a global industrial PC company focused on hardware for the IoT edge. We design highly-configurable computers engineered for reliability.

WisePlant

WisePlant

WisePlant's portfolio of solutions and services includes process measurement, secure automation, industrial cybersecurity, functional safety and more.

Datacentrix

Datacentrix

Datacentrix provides end-to-end cybersecurity services for the operational technology (OT) and IT environments to monitor, assess and defend our customers' information assets.

White Hawk Software

White Hawk Software

White Hawk provides code tamper-proofing solutions to protect mission critical software applications from malicious and Zero day attacks and reverse engineering at run time.

Hassans International Law Firm

Hassans International Law Firm

Hassans is the largest law firm in Gibraltar, providing a full range of legal services across corporate and commercial law including Data Protection and GDPR compliance.

Cyturus Technologies

Cyturus Technologies

Cyturus Technologies delivers cybersecurity business risk quantification services using our proprietary Adaptive Risk Model (ARM).

PrivacySavvy

PrivacySavvy

PrivacySavvy's mission is to provide you with all the information that you need to ensure that your internet privacy is intact, your devices are secure, and that any time you step online, you’re safe.

Cymptom

Cymptom

At Cymptom our purpose is to enable security managers to see at a glance all urgently risky gaps  in their organizations’ security posture at any given moment.

Wabbi

Wabbi

Wabbi’s continuous security platform centralizes, automates and orchestrates security governance and vulnerability management to empower development teams to own appsec.