Based on its learnings and telemetry from delivering cybersecurity support to critical infrastructure facilities during the 2022 FIFA World Cup in Qatar, Microsoft’s latest Cyber Signals report highlights threats to large venues, sporting and entertainment events.
Major sporting events such as the recent Netball World Cup in Cape Town and the Women’s World Cup in New Zealand, as well as the Rugby World Cup in France and the Cricket World Cup in India will continue to attract cyberthreats, says Microsoft.
“Cybersecurity threats to large events and venues, especially those in increasingly connected environments are diverse and complex, and require constant vigilance and collaboration among stakeholders to prevent and mitigate escalation,” says Colin Erasmus, COO at Microsoft South Africa.
Venue IT systems and arenas contain hundreds of known and unknown vulnerabilities that allow threat actors to target critical business services such as point-of-sale devices, IT infrastructures, and visitor devices. Additionally, teams, coaches, and athletes themselves are also vulnerable to data loss on athletic performance, competitive advantage, and personal information.
“The huge swell of attendees and staff that bring data and information with them through their own devices increases the attack surface and can also be targeted through vulnerable event digital amenities like companion mobile apps, wireless hotspots, and QR codes with malicious URLs,” adds Erasmus.
Microsoft Defender Experts for Hunting developed comprehensive cybersecurity defences for Qatari facilities and organisations supporting the FIFA World Cup tournament. Defender Experts for Hunting conducted an initial risk assessment, factoring in threat actor profiles, adversary tactics, techniques, and procedures, and other global intelligence from Microsoft’s telemetry. Microsoft ultimately analysed more than 634,4-million events while providing cybersecurity defences for Qatari facilities and organisations throughout November and December of 2022.
“To safeguard against cybersecurity threats, sports, associations, teams, and venues must adopt robust protective measures,” says Erasmus. “As a first step they should prioritise the implementation of a comprehensive and multi-layered security framework. This includes deploying firewalls, intrusion detection and prevention systems, and strong encryption protocols to fortify the network against unauthorised access and data breaches. Regular security audits and vulnerability assessments should be conducted to identify and address any weaknesses within the network infrastructure.”
Furthermore, user awareness and training programmes are crucial to educating employees and stakeholders about cybersecurity best practices such as recognising phishing emails, using multifactor authentication or passwordless protection, and avoiding suspicious links or downloads.
“It is essential to partner with reputable cybersecurity firms to continuously monitor network traffic, detect potential threats in realtime, and respond swiftly to any security incidents,” says Erasmus. “Knowing safe practices can help enterprises and attendees sidestep becoming victims of data theft or social engineering attacks.”