Microsoft warns sporting events could be targets for major cyberattacks

Sophia Smith #11 of the United States scores a goal and celebrates during a game between Germany and USWNT

(Image credit: Photo by Brad Smith/ISI Photos/Getty Images)

Microsoft has offered up some salient advice on how organizations, particularly those involved with large sporting events, should protect themselves and attendees.

In the fifth installment of its Cyber Signals report, the tech giant offers insight into how threat actors manage to breach venues, teams and infrastructure of popular sporting events.

It comes at a crucial time, with the FIFA Women's World Cup currently taking place in Australia and New Zealand, and a survey conducted the UK's National Cyber Security Centre (NCSC) found that 70% of sporting organizations it surveyed suffer at least one cyberattack per year.

Unique challenges

The Cyber Signals report notes that valuable information associated with sporting events is at greater risk now more than ever, thanks to the increase in the number of interconnected networks and devices at venues.

It adds that IT systems at these venues have their own vulnerabilities, both known and unknown, which threat actors can exploit to infect systems with malware and steal information.

> Many top Android sports and betting apps have some serious security flaws

> UK illegal sport streamers to be visited by authorities amid major piracy crackdown

> Going to the World Cup? Get ready to have your privacy invaded

The sorts of information that can be stolen include point of sale data, personal data from visitor's devices, which can be gained through breaching companion apps and wireless hotspots, as well as proliferating QR codes with malicious URLs.

Sports teams themselves are also a target, as they have data relating to athletic performance as well as personal information on individuals that may be worthwhile to a hacker.

The report also notes that Microsoft helped to protect IT infrastructure at the 2022 FIFA World Cup in Qatar, with its Defender Experts for Hunting team conducting risk assessments and developing cybersecurity defenses for facilities and organizations.

Microsoft also says that the nature of sporting events present their own unique challenges not seen in other environments. They often happen quickly, and many vendors and organizations come together and access fundamental networks on a temporary basis, so there isn't much chance to evaluate and refine the security posture.

Venues also need to consider the risk to privacy that comes with a cybersecurity presence, so it needs to be taken into account whether setting up this infrastructure will contravene such privacy policies in place.

Microsoft recommends that everyone at sporting events, from the venue itself to the teams and associations must take cybersecurity seriously. They should use multi-layered protection, including firewalls, intrusion detection and prevention, and strong encryption protocols to protect networks.

Audits and assessments must be carried out regularly too, to ensure that any weaknesses are swiftly dealt with.

This is the best endpoint protection to keep your organization secure

Lewis Maddison is a Staff Writer at TechRadar Pro. His area of expertise is online security and protection, which includes tools and software such as password managers.

His coverage also focuses on the usage habits of technology in both personal and professional settings - particularly its relation to social and cultural issues - and revels in uncovering stories that might not otherwise see the light of day.

He has a BA in Philosophy from the University of London, with a year spent studying abroad in the sunny climes of Malta.

Latest

We've tested loads of office chairs - and our top choice gets the deal treatment for Cyber Monday

See more latest ►

Unique challenges

Are you a pro? Subscribe to our newsletter

Most Popular