The Cyber Threats Haunting Sporting Events
The FIFA World Cup is over and it remains to be seen what cyber threats fans and organisers faced. Daniel Norman, Senior Solutions Analyst at the ISF, looks at why large-scale sporting events attract cyber attacks.
The FIFA World Cup is arguably the worlds’ most iconic, prestigious tournament in football. The 2022 version saw 32 nations from all corners of the globe travel to Qatar to compete for the first time on Middle Eastern soil. Over 1.5 million fans were expected to travel to Qatar for the tournament itself, and FIFA estimated over 5 billion people would watch the tournament from their homes – making it perhaps the most watched sporting event ever.
Economic boost
The event itself was highly anticipated and years in the making. The 2022 series is also likely the most expensive event ever too: The Qatari government has pumped over $220 billion over 10 years into hosting the World Cup and to support long-term economic development. The government spent $10 billion on seven stadia, built new transportation links, an airport, hotels, telecommunications infrastructure, and a significant sum on a metro system in greater Doha. The tournament was also one of the most technically progressive ever, leveraging a wealth of technologies, such as providing world-class 5G enabled connected stadia, advanced cooling systems, digital ticketing applications and semi-automated assistant refereeing systems. The hope was that the event would kick-start economic growth across the region - and a successful, threat-free event was vital to achieving this.
The backdrop to the tournament, however, was contentious and volatile.
A scammer's delight
The largest, most technology-centric sporting event in the world, coupled with a tense geopolitical backdrop made for a complex and dangerous cyber threat landscape. But the FIFA World Cup was not alone in being prone to cyber attacks, as past sporting events will support. It's also a scenario that we will see playing out time and time again at large-scale sporting events across the globe.
Sadly, sporting events are the perfect source material for fraud and scammers. Fans and the general public should be aware that the likelihood of social engineering and phishing campaigns taking place will rise significantly. Attackers leveraging psychological techniques and use newsworthy content because they know the World Cup is the most popular and engaging event. For example, fans attending the Liverpool vs Real Madrid Champions League Final in Paris experienced fake ticket scams, with phishing content becoming increasingly realistic, losing thousands of pounds and euros in the process.
Timing is all
Attackers also time their social engineering and phishing campaigns around the tournament, following the group stages into the knockouts and knowing exactly where and when teams might play to launch believable ‘competitions’ on social media or via email. For example, during the 2018 World Cup, phishing incidents referencing ‘world cup tickets’ rocketed by 1000% during the 4-week window. The expectation is many opportunistic attackers will be carefully crafting these scams and unleashing them at the right moment.
领英推荐
Beware the fakes
The World Cup is one of the biggest sponsored events in the world, with the world’s biggest brands like Budweiser, Coca-Cola and many more paying millions to access the global community who avidly watched the games. Attackers will try to impersonate domains to mimic legitimate brands to conduct hostile activities. Just a week before 2022's World Cup kicked off researchers had already found nearly 200 malicious domains impersonating official Qatari World Cup homepages and ticketing sites, as well as a vast variety of fake mobile apps.
Tech vulnerabilities
In addition to ticket-related risks, the tournament itself presented a vast landscape of vulnerabilities that nation state actors, hacktivists and cyber criminals could target. Connected 5G stadia, with automated cooling systems, video assistant referees, World Cup-related applications and many more dependent technologies were all opportunities to be targeted by nation state actors, and cyber criminals to cause disruption to operations, as well as aiming to ruin the reputation of the host nation. For example, the 2018 Winter Olympics in Pyeongchang was hit by a cyber attack just minutes before the opening ceremony… Many commentators blame Russia for this particular attack for being banned from the event itself.
Reputation investment
With this in mind, the Qatari government spent millions on securing its infrastructure, and partnered with global associations and industry bodies to protect the tournament itself. Their reputation rested on a successful event so it was no surprise the investment was there. The effective implementation of controls, monitoring capabilities and incident response to potential threats would have been tested both before, during and after the games, and hopefully they were ready.
At a fan level, what can we do? Although the World Cup has ended, fans attending future global events should be extremely vigilant online, and question any brand competition, testing the provenance of information from dubious sources. Never share personal or credit card information with any application that isn’t certified, and if you can, report potential phishing incidents to your company and beyond.