Major Sporting Events Are Open Targets

Uploaded on 2023-08-23 in NEWS-Cybersecurity News, FREE TO VIEW

A new study of sporting has found that events, organisations and venues are increasingly vulnerable to cyber attacks.

The Microsoft Threat Intelligence State of Play report highlights the growing opportunities for threat actors to target high-profile sporting events, “especially those in increasingly connected environments, introducing cyber risk for organisers, regional host facilities and attendees.”

Sporting events face unique cyber security challenges due to the vast digital surface that needs to be protected. This is because there are a range of connected devices and interconnected networks that can be exploited, alongside known and unknown vulnerabilities across different venues and arenas. This is further complicated by the numerous parties managing the various systems, such as corporate sponsors, municipal authorities and third-party contractors.

According to Microsoft, “Threat actors go where the targets are, capitalising on opportunities to launch targeted or widespread, opportunistic attacks. This extends into high-profile sporting events, especially those in increasingly connected environments, introducing cyber risk for organisers, regional host facilities, and attendees." Justin Turner, Principal Group Manager, Microsoft Security Research commented "Cyber security threats to large events and venues are diverse and complex. They require constant vigilance and collaboration among stakeholders to prevent and mitigate escalation."

Indeed, research has demonstrated rising attacks on high profile sports events and organisations in recent years with increasing cyber threats against stadium operations and sports teams prompting network scanning and the deactivation of unneeded device ports, as well as proper IT and OT system segmentation.

Goods vendors involved in live sports events have been urged to ensure the protection of their point-of-sale devices, while attendees have been encouraged to avoid public Wi-Fi usage for accessing sensitive information and scanning of untrusted QR codes.

Another report from the UK’s National Cyber Security Centre, (NCSC) in 2020, found that 70% of sports organisations experience at least one attack per year. “Cyber attacks against sports organisations are very common, with 70% of those surveyed experiencing at least one attack per annum. This is significantly higher than the average across UK business." the NCSC says.

Microsoft was involved in supporting the cybersecurity of critical infrastructure at the 2022 FIFA World Cup in Qatar. During this event Microsoft observed attackers continually attempted to compromise connected systems through identity-based attacks.

With the global sports market valued at more than USD600 billion, sports teams, major league and global sporting associations, and attendees house a trove of valuable information desirable to cyber criminals. Professional sports organisations need to partner with reputable cyber security firms to continuously monitor network traffic, detect potential threats in real time, and respond swiftly to any security incidents. 

By adopting these proactive measures, sports associations, teams, and venues can significantly enhance their resilience against cyber attacks and protect both their own infrastructure and the sensitive information of their patrons.

Microsoft:      Microsoft:    NCSC   Infosecurity Magazine:   SC Magazine:      News9:       Image: Hmamar

You Might Also Read: 

NCSC Come Off Bench To Help  Manchester United:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Generative AI Could Replace The Internet
Identifying & Analysing Emerging Cloud Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber 360

Cyber 360

Cyber 360 is a Cybersecurity contract and fulltime placement firm dedicated to identifying and hiring Cybersecurity professionals.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

Comiq

Comiq

Comiq provide software quality assurance, testing and project management services. Areas of expertise include cybersecurity.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

Center for Long-Term Cybersecurity (CLTC)

Center for Long-Term Cybersecurity (CLTC)

The Center for Long-Term Cybersecurity is developing and shaping cybersecurity research and practice based on a long-term vision of the internet and its future.

Spanish Network of Excellence on Cybersecurity Research (RENIC)

Spanish Network of Excellence on Cybersecurity Research (RENIC)

RENIC is a membership based sectoral association that includes research centers and other agents of the research cybersecurity ecosystem in Spain.

ReliaQuest

ReliaQuest

ReliaQuest’s GreyMatter solution connects existing technology, people, and process – then equips security teams with unified, actionable insights across their entire environment.

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference is a non-profit, annual, information security conference located in Halifax, Nova Scotia, Canada.

Elevate Security

Elevate Security

Elevate is the leading Security Behavior Platform, changing employee security habits while giving security teams unprecedented visibility.

Prevasio

Prevasio

Prevasio is a next-gen Cloud Security Posture Management (CSPM) with a built-in Vulnerability and Anti-Malware Scan for Containers.

HORNE

HORNE

HORNE is a professional services firm supporting clients in public, private & government sectors nationwide.

Valimail

Valimail

Valimail delivers the only complete, cloud-native platform for validating and authenticating sender identity to stop phishing, protect and amplify brands, and ensure compliance.

Siometrix

Siometrix

Siometrix addresses digital identity fraud. It steals your attacker's time and prevents many prevalent attack vectors.

QFunction

QFunction

QFunction works within your existing security stack to detect anomalies and threats within your data.

Gcore

Gcore

Gcore is an international leader in public cloud and edge computing, content delivery, hosting, and security solutions.

Foresights

Foresights

Foresights is a Nordic company utilizing advanced intelligence tradecraft and extensive cyber security capabilities to deliver services and advisory tailored to our client’s critical requirements.