Sports Events: Hackers are now targeting high-profile sports events, venues: Microsoft report
Microsoft released its fifth instalment of Cyber Signals – a cyber threat intelligence brief – which states that such large events can introduce cyber risk for organisers, regional host facilities and attendees.
Read Also
Microsoft’s gaming division, Xbox, has denied the recent reports that an exploit in its console may let hackers permanently ban other user accounts, stated Kim Kunes, Xbox GM of trust and safety. Third-party apps or tools cannot impact player enforcements, and only accurate reports, violating the
HackerOne has announced that it is reducing 12% of its workforce due to economic slowdown. More than 50 employees based in the US, Canada, UK, Netherlands, and other countries will be impacted. Affected employees will receive severance packages that include cash and non-cash benefits. While
Scammers are using the buzz around the much-awaited movie releases for Barbie and Oppenheimer for phishing scams to steal users’ money and sensitive information, according to cybersecurity experts at Kaspersky. One fake page offers limited-edition Barbie dolls and an exclusive discount for the
What information is at risk
The report highlighted that sports teams, major league and global sporting associations, and entertainment venues house a trove of valuable information desirable to cybercriminals. The information on players’ and teams’ athletic performance, competitive advantage and personal information is a lucrative target.
“Unfortunately, this information can be vulnerable at-scale, due to the number of connected devices and interconnected networks in these environments,” the report noted.
“Often this vulnerability spans multiple owners, including teams, corporate sponsors, municipal authorities, and third-party contractors. Teams, coaches, athletes, and fans are also vulnerable to data loss and extortion,” it said.
Key findings from the report
The Microsoft report said that cyberattacks against sports organisations are increasing. As the pressure to deliver a smooth, safe experience on the world stage introduces new stakes for local hosts and facilities, a single misconfigured device, exposed password, or overlooked third party connection can lead to a data breach or successful intrusion.
Microsoft says that it delivered cybersecurity support to critical infrastructure facilities during the FIFA World Cup Qatar 2022.
“It performed over 634.6 million authentications while providing cybersecurity defences for Qatari facilities and organisations between November 10 and December 20, 2022,” the company said.
According to the report, there are threats from nation-states and cybercriminal groups. As large global events continue to be desirable targets for threat actors, there are a variety of motivations from nation-states for broader geopolitical interests.
“Furthermore, cybercriminal groups looking to leverage the vast financial opportunities that exist in sporting and venue-related IT environments will continue to see these as desirable targets,” the report noted.
How to safeguard
Microsoft recommends having an additional set of eyes monitoring the event around the clock to proactively detect threats and send notifications.
“Cybersecurity threats to sporting events and venues are diverse and complex. They require constant vigilance and collaboration among stakeholders to prevent and mitigate escalation, and with the global sports market valued at more than $600 billion, the target is rich,” the report said.
Identifying potential threats specific to the event, venue, or nation where the event occurs is also an important step to keep cyberattacks at bay.