Major Sporting Events Are Open Targets

A new study of sporting has found that events, organisations and venues are increasingly vulnerable to cyber attacks.

The Microsoft Threat Intelligence State of Play report highlights the growing opportunities for threat actors to target high-profile sporting events, “especially those in increasingly connected environments, introducing cyber risk for organisers, regional host facilities and attendees.”

Sporting events face unique cyber security challenges due to the vast digital surface that needs to be protected. This is because there are a range of connected devices and interconnected networks that can be exploited, alongside known and unknown vulnerabilities across different venues and arenas. This is further complicated by the numerous parties managing the various systems, such as corporate sponsors, municipal authorities and third-party contractors.

According to Microsoft, “Threat actors go where the targets are, capitalising on opportunities to launch targeted or widespread, opportunistic attacks. This extends into high-profile sporting events, especially those in increasingly connected environments, introducing cyber risk for organisers, regional host facilities, and attendees." Justin Turner, Principal Group Manager, Microsoft Security Research commented "Cyber security threats to large events and venues are diverse and complex. They require constant vigilance and collaboration among stakeholders to prevent and mitigate escalation."

Indeed, research has demonstrated rising attacks on high profile sports events and organisations in recent years with increasing cyber threats against stadium operations and sports teams prompting network scanning and the deactivation of unneeded device ports, as well as proper IT and OT system segmentation.

Goods vendors involved in live sports events have been urged to ensure the protection of their point-of-sale devices, while attendees have been encouraged to avoid public Wi-Fi usage for accessing sensitive information and scanning of untrusted QR codes.

Another report from the UK’s National Cyber Security Centre, (NCSC) in 2020, found that 70% of sports organisations experience at least one attack per year. “Cyber attacks against sports organisations are very common, with 70% of those surveyed experiencing at least one attack per annum. This is significantly higher than the average across UK business." the NCSC says.

Microsoft was involved in supporting the cybersecurity of critical infrastructure at the 2022 FIFA World Cup in Qatar. During this event Microsoft observed attackers continually attempted to compromise connected systems through identity-based attacks.

With the global sports market valued at more than USD600 billion, sports teams, major league and global sporting associations, and attendees house a trove of valuable information desirable to cyber criminals. Professional sports organisations need to partner with reputable cyber security firms to continuously monitor network traffic, detect potential threats in real time, and respond swiftly to any security incidents. 

By adopting these proactive measures, sports associations, teams, and venues can significantly enhance their resilience against cyber attacks and protect both their own infrastructure and the sensitive information of their patrons.

Microsoft:      Microsoft:    NCSC   Infosecurity Magazine:   SC Magazine:      News9:       Image: Hmamar

You Might Also Read: 

NCSC Come Off Bench To Help  Manchester United:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Generative AI Could Replace The Internet
Identifying & Analysing Emerging Cloud Threats »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) - University of Kent

Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) - University of Kent

KirCCS harnesses expertise across Kent University to address current and potential cyber security challenges.

Tiro Security

Tiro Security

Tiro Security is a boutique company specializing in information security and IT audit recruitment and solutions.

National Authority Against Electronic Attacks (NAAEA) - Greece

National Authority Against Electronic Attacks (NAAEA) - Greece

The National Authority Against Electronic Attacks (NAAEA) is the national computer emergency response team of Greece.

Ingalls Information Security

Ingalls Information Security

Ingalls Information Security provides network security, monitoring and forensics.

ThreatSpike Labs

ThreatSpike Labs

ThreatSpike Labs provides the first end-to-end fully managed security service for companies of all sizes.

Raqmiyat

Raqmiyat

Raqmiyat provides end-to-end IT Services and business solutions including consultancy, digital transformation, infrastructure and cybersecurity.

Brace168

Brace168

Specialising in Cyber Security incident identification and response, Brace168 is uniquely positioned to provide a vast experience in managed security services to meet the needs of all business types.

BlockAPT

BlockAPT

BlockAPT, empowering you with an advanced, intelligent cyber defence platform. We protect our customers digital assets by unifying operational technologies against advanced persistent threats.

Buchanan & Edwards

Buchanan & Edwards

Buchanan & Edwards delivers forward-focused technology solutions that help our clients transform the way they perform their missions.

InfusionPoints

InfusionPoints

InfusionPoints is your independent trusted partner dedicated to assisting you in building your secure and compliant business solutions.

TuxCare

TuxCare

TuxCare make Linux more secure. We take care of Linux so that organizations can use Linux to support environments that require high levels of Cybersecurity, stability, and availability.

Leaf IT

Leaf IT

Leaf IT are a pioneering cloud-first MSP, dedicated to helping businesses in the UK and Ireland. We focus on delivering tangible results for our clients through IT transformation.

Insane Cyber

Insane Cyber

Insane Cyber make cybersecurity easier to manage through automated, easy-to-use software and expert support and partnership.

CESAR

CESAR

CESAR is one of the premier R+D and innovation centers in Brazil and a designated Cybersecurity Competence Center.

Windstream

Windstream

Windstream is a leading provider of advanced network communications and technology solutions for consumers, small businesses, enterprise organizations and carrier partners across the US.

Price Forbes

Price Forbes

Building on more than 100 years of specialist insurance broking, Price Forbes partner with clients around the world who are looking to understand and balance today’s risk and plan for the future.