Hackers target large 
sports events

Microsoft’s latest Cyber Signals report highlights threats to large venues, and sporting and entertainment events, based on its learnings and telemetry from delivering cybersecurity support to critical infrastructure facilities during the State of Qatar’s hosting of the FIFA World Cup in 2022.

With major sporting events, like the recent netball and soccer tournaments across the world and on the African continent and more to look forward to later this year, such as the rugby and cricket contests, Microsoft anticipates that large scale events such as these will continue to attract cyberthreats.

“Cybersecurity threats to large events and venues, especially those in increasingly connected environments, are diverse and complex, and require constant vigilance and collaboration among stakeholders to prevent and mitigate escalation,” says Colin Erasmus, chief operations officer at Microsoft South Africa.

Venue IT systems and arenas contain hundreds of known and unknown vulnerabilities that allow threat actors to target critical business services such as point-of-sale devices, IT infrastructures, and visitor devices. Additionally, teams, coaches, and athletes themselves are also vulnerable to data loss on athletic performance, competitive advantage, and personal information.

“The huge swell of attendees and staff that bring data and information with them through their own devices increases the attack surface and can also be targeted through vulnerable event digital amenities, like companion mobile apps, wireless hotspots, and QR codes with malicious URLs.”

Microsoft Defender Experts for Hunting developed comprehensive cybersecurity defences for Qatari facilities and organisations supporting the soccer tournament. Defender Experts for Hunting conducted an initial risk assessment, factoring in threat actor profiles, adversary tactics, techniques, and procedures, and other global intelligence from Microsoft’s telemetry. Microsoft ultimately analysed more than 634.4-million events while providing cybersecurity defences for Qatari facilities and organisations throughout November and December of 2022.  

“To safeguard against cybersecurity threats, sports, associations, teams, and venues must adopt robust protective measures,” says Erasmus. “As a first step they should prioritise the implementation of a comprehensive and multi-layered security framework. This includes deploying firewalls, intrusion detection and prevention systems, and strong encryption protocols to fortify the network against unauthorised access and data breaches. Regular security audits and vulnerability assessments should be conducted to identify and address any weaknesses within the network infrastructure.”

User awareness and training programmes are crucial to educating employees and stakeholders about cybersecurity best practices, such as recognising phishing emails, using multifactor authentication or passwordless protection, and avoiding suspicious links or downloads.

“It is essential to partner with reputable cybersecurity firms to continuously monitor network traffic, detect potential threats in real time, and respond swiftly to any security incidents. Knowing safe practices can help enterprises and attendees sidestep becoming victims of data theft or social engineering attacks.”

* For more information, read the fifth edition of Cyber Signals.