Saturday, September 23, 2023

4 Top Cyberthreats Posed To Super Bowl 2024

 


It’s hard to believe, but we are now fast tracking into October.  This is the last quarter of the year, and believe it or not, people are already talking about the next Superbowl.  But there is a different twist to this time.  Most of the headlines that I am reading are now focused on Cyber securing this event.  In fact, many government agencies, most notably that of the CISA, are taking a huge part in this endeavor.

But this now this  begs the question:  Just how prone are professional sporting events to Cyber-attacks?  The answer is, very prone.  In fact, according to a recent survey, at least 70% of all professional sports organizations were subject to some sort of security, with at least 30% of them experiencing a very serious one.  More details on this can be seen at the link below:

http://cyberresources.solutions/blogs/Sports_Security.pdf

What is the reason for this increase?  Here are some possible clues:

*The sports arena is becoming heavily digitized, such as online betting.  With this, there is now a lot more valuable information and data that the Cyberattacker wants, so they will go after it.

*This industry is expected to grow at a very fast rate – it will reach over $623 billion by 2027.

(SOURCE:  https://www.thebusinessresearchcompany.com/report/sports-global-market-report)

*The IoT is heavily used here, and because of all these connections to thousands and perhaps even millions of them, the attack surface has greatly expanded.  Just consider this:  Microsoft helped to secure a recent sports event in which there were 100,000 endpoints, 144,000 identities, 14.6 million emails that were being transmitted, and over 644 MFA transactions that occurred. 

(SOURCE:  https://www.microsoft.com/en-us/security/business/security-insider/reports/cyber-signals/cyber-signals-issue-5-cyberthreats-increasingly-target-the-worlds-biggest-event-stages/)

You may be asking at this point, what are some of the Cybersecurity risks that are posed to these kinds of events?  Well here is just a sampling of them:

1)     The Digital Signage:

Any kind of sporting event, no matter how large or small, will have signage for them, especially those that are electronic in nature.  But did you ever come to think that if these are overused (or “over worked”) that they could become a prime target?  Remember, its not all about the lights that they display, but there are also powered by a computer.  If the processing limits have been exceeded, then these systems cannot counter back any incoming threat variant.

2)     Hot Spots:

Everybody wants to connect their mobile devices so that they can be in touch with family and friends about the score.  But to do this, you need to be connected to a hotspot of some sort.  As I have written about many times in the past, these kinds of network plug ins are not secure, their lines of communication from your device and back is not encrypted.  So the best advice here is to not even connect, or you use the hotspot on you smartphone to connect.  At least this requires some sort of complex that is somewhat hard to guess.  The same also goes for mobile apps.  When sporting events pop up, like the Super Bowl or even the Olympics, there are a lot of rogue mobile apps that come onto the stores.  Be careful of what you download, and make sure that the app is real and legitimate.  In a worst-case scenario, contact the vendor to confirm this.

3)     Point of Sale Terminals:

Who can’t resist at half time going to the snack and drink bar and totally gorge on Coke and Hot Dogs?  It’s truly the American way.  But how many of you actually pay with hard cash?  Probably not many.  You will most likely pay with a credit card.  But be careful here of credit card skimmers.  Make sure that not only your card has that secure chip, but the Point of Sale Terminal also has that well.  Even shake it a little bit to make sure that it feels firm.  A credit card skimmer will feel a little  loose when it is shaken.  Always keep checking your credit card statement online to make sure that there are no fraudulent charges.  On the safer side, if you are attending a large sporting event, make sure you visit a food vendor that has been officially endorsed by the venue, or even its sponsors.

4)     The Physical Infrastructure:

Just as there are digital threats, there is also an equal amount that is posed to the physical premises of the sporting event.  It is up to the sporting venue to secure this, but you can take steps to protect yourself as well.  Keep an open eye, and especially watch for pick pocketers.  The best line of defense here is to keep all of your valuables at home.    Also, report any suspicious activities to the venue security.

My Thoughts On This:

Unfortunately, as the world goes on, sporting events will continue to be plagued with Cyberthreats and security breaches.  The best thing you can do is just be proactive and keep your guard up.  Or better yet why not watch the event from home, invite family and friends, and have a nice party?  Much better than trying to face all the crowds in the real thing.

No comments:

Post a Comment

How To Launch A Better Penetration Test In 2025: 4 Golden Tips

  In my past 16+ years as a tech writer, one of the themes that I have written a lot about is Penetration Testing.   I have written man blog...