Information security professionals are preparing for the worst as this year's FIFA World Cup kicks off. The World Cup of football (a.k.a., soccer in the US) is set to take center stage in Russia. The tournament kicks off tonight between Russia and Saudi Arabia. While it's highly anticipated by football fans and hackers alike, security professionals believe that some sort of cyber-attack will occur on the 2018 FIFA World Cup football network, according to a recent survey.
The survey, conducted by Lastline at Infosecurity Europe 2018, found that 72% of security professionals believe an attack is likely given the fact that attacking high-profile international events is trending among cyber-criminals.
Of the professionals who expect an attack, 70% anticipate that the attack vector will focus on network infrastructure with a distributed denial-of-service (DDoS) attack or an attempt to disrupt social media channels. Less than half (44%) believe that email correspondence is at risk and only 47% suspect threats to mobile devices.
“Cybercriminals do not exist in a vacuum,” said Andy Norton, director of threat intelligence at Lastline. “They will be aware of the immense media scrutiny the World Cup will be under, and will be hoping to capitalize on this as well as the financial opportunities such a unique event presents.”
The world has seen DDoS attacks at global sporting events before, as was the case with the Winter Olympics in South Korea, and some fear that these threats are becoming the new normal. "It’s hardly surprising that further attacks are being forecast for the FIFA World Cup that kick-off today,” said Andrew Lloyd, president of Corero Network Security. “Given current geopolitics, the football World Cup does present an opportunity for nation-state–sponsored attacks on political foes that will make Eurovision tactical voting look like a playground scuffle."
"We note that today’s opening ceremony is followed by a Russia vs. Saudi Arabia match that I’m sure will pique interest in Iran and elsewhere," Lloyd continued. "Beyond attacking the FIFA infrastructure, other risk areas with a higher commercial impact include live broadcast streams and highly lucrative in-game betting. These threats further add to the pressure on digital enterprises to invest in real-time defenses that automatically detect and mitigate attacks allowing them to stay online and open for business during a cyber-attack.”