Cyber security in international sporting events

CyBiz is currently in Paris for the opening of the Rugby World Cup. With the Olympics next year in Paris and the FIFA Women’s World Cup having recently finished in Australia and New Zealand, it’s a good opportunity to consider the Cyber Security risks associated with large international sporting events. These events make high-profile targets for cyberattacks, both due to their global significance, as well as the vast amount of data and infrastructure involved. In 2018, the official website for the Winter Olympics in South Korea was taken down by a cyber-attack, which was attributed to a nation state attack.

Microsoft’s recently issued Cyber Signals Issue 5: State of Play reported that cyberattacks against sports organisations are increasing, as threat actors go where the targets are, capitalising on opportunities to launch targeted or widespread, opportunistic attacks. With the global sports market valued at more than USD 600 billion, the target is certainly rich.

Risks to individuals, many of whom are travelling away from home, include phishing, social engineering, as well as general travel risks such as use of public Wi-Fi.

1. Phishing: Cybercriminals often use phishing emails or websites to trick event participants, or attendees into revealing sensitive information, such as login credentials or financial details. Browsing or logging into websites in a foreign language compounds this risk.
2. Social Engineering: Attackers can exploit the trust and excitement surrounding sporting events to manipulate individuals into divulging sensitive information or performing harmful actions. People may pose as officials to achieve this outcome.
3. Public Wi-Fi Risks: Events often offer free public Wi-Fi, which can be an attractive target for hackers looking to intercept data or launch attacks on unsuspecting users. Ideally use virtual private networks (VPNs) when connected to public Wi-Fi – although sometimes the VPN will block this access.
4. Mobile App Vulnerabilities: Event-related mobile apps can be vulnerable to various security issues, such as insecure data storage, weak encryption, or malicious third-party plugins. Attackers may exploit these vulnerabilities to steal user data or distribute malware.
5. Data Breaches: Sporting events collect and store a significant amount of sensitive data, including athlete information, ticket sales, and financial records. Cybercriminals try to target this data, and breaches can lead to identity theft, fraud, and other security issues.

Cyber security risks for organisers of international sporting events are also significant, both from nation state actors and cyber criminals.

1. Distributed Denial of Service (DDoS) Attacks: DDoS attacks can disrupt event websites, ticketing systems, and broadcasting services, causing inconvenience for spectators and financial losses for event organisers.
2. Ransomware: Attackers may deploy ransomware to encrypt critical systems or data, demanding a ransom for their release. This can disrupt the event’s operations as well as leading to data loss and significant financial damages.
3. Infrastructure Attacks: International sporting events rely heavily on IT and other infrastructure and for broadcasting, ticketing, scoring, and security. An attack on IT infrastructure can cause service disruptions, safety concerns, also impacting participants and spectators.
4. Nation-State Attacks: Given the current geo-political climate and the Ukraine War, high profile international sporting events may be targeted by nation-state actors for political or economic reasons. These attacks can be highly sophisticated and may have broader geopolitical implications, and some nation states seem to be willing to absorb collateral damage from attacks if it supports their broader geopolitical interests.
5. Cyber Espionage: Individual teams may be targeted by cyber criminals, betting organisations, or even competing teams, to access confidential information or just to cause distraction and disruption.
6. Venue attacks and disruptions: Individual games  are held at venues operated by third parties, and these can also be targeted separately from the overall event organiser, but with the same overall consequences of data loss, disruption and financial loss. Venues and other third-party suppliers can also be used to access event organiser systems.

Participants and visitors need to be vigilant and have data and device back-ups in place. Event organisers and participating teams should have strict protocols in place, which include incident response retainers and plans.

As for the next few weeks with the Rugby World Cup, best of luck to the New Zealand All Blacks and also to the Australian Wallabies (unless they are playing the All Blacks)!!

Contact CyBiz to support your organisation to prepare cyber security requirements for its role in organising or participating in a significant sporting event.