Euro 2024 football tournament has now reached the quarterfinal stage, with cybercriminal activity escalating and posing significant risks for fans and their employers. The threat intelligence firm Cyberint reported last month that over 15,000 credentials linked to Union of European Football Associations (UEFA) customers were exposed on underground forums, with another 2,000 credentials appearing for sale on the Dark Web. These credentials, although mostly belonging to consumers, could lead cyberattackers to target individuals who use their work email addresses for signing up for non-business services, as pointed out by Darja Feldman, the threat intelligence team lead at Cyberint.
Feldman emphasized the importance of not sharing or using corporate credentials for personal services and cautioned against password reuse, which opens up avenues for threat actors to breach company accounts. This warning comes at a crucial time, considering the historical targeting of major sporting events by cyberthreat actors. Past incidents include destructive attacks on the digital infrastructure of the Winter Olympics in 2018, hacks on Twitter accounts of NFL teams, attempted disruptions of the 2022 World Cup in Qatar, and concerns about cybersecurity threats at the upcoming Summer Olympics in Paris.
Beyond credential theft, cyberattackers have also targeted Euro 2024 with a distributed denial-of-service (DDoS) attack during the online broadcast of Poland’s Group D opener against Estonia. This attack, attributed to suspected Russia-linked hackers, prompted Poland’s deputy minister of digital affairs to point fingers at the Russian Federation. DDoS attacks are particularly disruptive for live sporting events, as highlighted by cybersecurity firm Radware, especially drawing parallels to disruptions in e-sports tournaments like those in the League of Legends video game.
Looking ahead, Radware predicts an increase in DDoS attacks targeting not just Euro 2024 but other major sporting events too. The scale and global interest in these tournaments make them lucrative targets for cybercriminals and nation-state actors, as evidenced by the cyberthreat landscape during the Tokyo 2020 Olympics. Additionally, the head of the European Union Agency for Cybersecurity (ENISA) raised concerns about the surge in cyber attacks across Europe, directly attributing the increase to Russian cyber operations and hackers.
As Euro 2024 progresses and the 2024 Summer Olympics draw closer, cybersecurity experts anticipate a shift in the focus of cyber threats. Credential harvesting, phishing attacks, DDoS attacks, and other malicious activities are expected to persist, with attackers potentially targeting the Olympics with similar tactics seen during the UEFA tournament. The approval for Russian and Belarusan athletes to compete in the 2024 Olympics under neutral status adds an interesting dynamic, raising questions about the possible decrease in cyber attacks from hacktivists and nation-state actors.
Overall, the heightened cyber threats surrounding major sporting events emphasize the need for enhanced security measures to protect fans, organizations, and the integrity of these prestigious tournaments. With cybercriminals continuously evolving their tactics, vigilance and proactive defense strategies are essential to mitigate the risks posed by malicious actors in the digital realm.