Microsoft is sounding the alarm on cyber threats surrounding the 2023 FIFA Women’s World Cup as the tournament enters its knockout stages. Recognizing the need for increased cybersecurity measures, Microsoft is urging organizations involved in the event to prioritize digital defense.
Vasu Jakkal, Microsoft’s corporate vice president of security for compliance and identity, emphasized the importance of considering cybersecurity in the context of sporting events. While most people associate sports with entertainment and engagement, the growing prevalence of cyberattacks targeting major sporting events cannot be ignored.
To illustrate the potential risks, Jakkal pointed to past incidents such as the cyberattack during the opening ceremony of the 2018 Winter Olympics in Pyeongchang. The Wi-Fi in the stadium went out, the telecast was disrupted, and the official event website went offline. These incidents highlighted the vulnerability of major events to cyber threats and the potential consequences for event organizers and attendees.
The significance of cyber threats during major sporting events has only increased since then. In February 2022, the San Francisco 49ers fell victim to a ransomware attack on Super Bowl Sunday. Similarly, in November of the same year, Manchester United reported its own cyberattack. Major League Baseball and the National Basketball Association have also experienced significant data breaches in recent years. The Houston Rockets, in particular, lost 500GB of financial and legal data to ransomware attackers.
As the United States and Sweden prepare to face each other in the Women’s World Cup, Microsoft is highlighting the extensive cyberattack surface involved in such events. With millions of viewers tuning in and thousands of fans and employees attending the games, the reliance on mobile phones, ticketing systems, QR codes, and public Wi-Fi creates numerous targets for cybercriminals.
Microsoft’s Cyber Signals report, published in August 2023, stresses the additional risk posed by vendors and partners involved in these events. The rapid pace at which such events come together often makes it challenging to develop visibility and control over devices and data. Temporary connections can create a false sense of security, leading to lower risk perceptions.
It’s not just the physical stadium and its systems that are at risk. During the FIFA World Cup in Qatar, Microsoft’s cybersecurity efforts extended to hospitals involved in the event. They were able to prevent ransomware attacks and quarantine one of the hospitals, underscoring the need for comprehensive protection beyond the immediate event venue.
Securing a World Cup requires not only a comprehensive defense strategy but also agility due to the short timeframe in which everything comes together. The unique nature of these events requires careful considerations of unexpected factors. Microsoft acknowledges the need for effective communication and cooperation among all parties involved, emphasizing that security is a collaborative effort.
For the previous winter’s World Cup in Doha, Microsoft alone protected 45 organizations, including approximately 100,000 endpoints, 144,000 identities, 14.6 million email flows, 634.6 million authentication attempts, and 4.35 billion network connections. These figures highlight the immense scale of cybersecurity efforts required for major sporting events.
In conclusion, Microsoft’s focus on cybersecurity during the 2023 FIFA Women’s World Cup highlights the evolving threat landscape for major sporting events. With the increasing frequency of cyberattacks targeting such events, it is crucial for organizations to prioritize digital defense and collaborate to ensure a secure and successful tournament.