With nearly half the world watching the 2018 FIFA World Cup, which kicks off today, odds are several security professionals will be looking to sneak a peak at the games, which could be bad for the security of your business. Last Line researchers surveyed 326 professionals and found 30 percent of them suggested they would wait until after a crucial match to fix an urgent corporate security issue, according to a 11 June 11 blog post.
Fortunately, 83 percent don't believe that the FIFA World Cup poses a risk to their organisation, however, 72 percent of them believe a cyber-attack against the event in the form of a DDoS attack, social media channel hack, email correspondence or mobile threats is likely.
“With DDoS attacks on global sporting events including this year's Winter Olympics in South Korea being the new normal, it's hardly surprising that further attacks are being forecast for the FIFA World Cup that kick-off today,” Andrew Lloyd, president of Corero Network Security said. “Given current geo-politics, the football World Cup does present an opportunity for Nation State-sponsored attacks on political foes that will make Eurovision tactical voting look like a playground scuffle.
Lloyd noted that the opening ceremony is followed by a Russia versus Saudi Arabia match that will likely pique interest in Iran and elsewhere.
Live broadcast streams and highly lucrative in-game betting are also risk areas with a higher commercial impact that further add to the pressure on digital enterprises to invest in real-time defences that automatically detect and mitigate attacks so that they can stay online and open for business during a cyber-attack.
During the 2014 FIFA World Cup, 3.2 billion people watched at least one minute of a match during the month-long tournament with no signs of slowing down for the 2018 World Cup.
Separately, there are warnings of increased world-cup related scamming. David Grout, technical director at FireEye emailed SC Media UK to comment: "The main risk we see around major events is cyber-criminal activity with a financial objective. We have already seen phishing campaigns targeting this year's World Cup for a couple of weeks, using several methods such as low-cost ticket offers, the chance to win trips to Russia and promotions for items related to the World Cup (national team jerseys, mugs featuring players etc.). In order to increase their credibility attackers mostly buy domains that resonate with the World Cup, so one can receive spam or phishing emails with addresses containing keywords associated with the event. The cyber criminal's goal in this type of attack is to access your payment credentials.
"The second risk we are seeing, which is likely to accelerate, is associated with the geopolitical stakes of an event. As we have seen with previous events, there's heightened risk of denial of service attacks, with potential website defacement occurring in order to discredit the organisers. It is also an increasing risk that state-sponsored groups will attempt to destabilise the IT and EO infrastructure used during such events. The main objective being to expose the hosting country by showing it vulnerable. From a geopolitical point of view we also observe historically an acceleration of attacks and leaks of information trying to discredit the actions of such or such organisations, the most notorious example being the APT28 campaign against the world anti-doping agency.
"Finally, the last major risk that we anticipate is the one for the traveller. During major events we regularly observe information theft through various methods including physical hardware theft, hijacking of wifi hotspot etc. It is therefore important for the traveller to take precautions including encryption of data, use of terminals without sensitive information stored, use of VPN, setting up multi-factor authentication on sensitive applications, and safekeeping of equipment."
Andrew Lloyd, president at Corero Network Security adds in an email to SC: “With DDoS attacks on global sporting events including this year's Winter Olympics in South Korea being the new normal, it's hardly surprising that further attacks are being forecast for the FIFA World Cup that kick-off today.
“These threats further add to the pressure on digital enterprises to invest in real-time defences that automatically detect and mitigate attacks allowing them to stay online and open for business during a cyber-attack.”