With the upcoming Super Bowl LIX in New Orleans drawing closer, concerns about cybersecurity threats targeting such high-profile events are escalating. The massive audience, extensive digital infrastructure, and potential for significant financial and reputational impact make sporting events like the Super Bowl prime targets for cyberattacks. Experts are warning organizers to be prepared for a wave of attacks leading up to and on game day, which is scheduled for Feb. 9 this year.
Securing events of this scale poses unique challenges due to the wide array of potential attack surfaces, including ticketing systems, livestreaming platforms, in-stadium Internet of Things (IoT) devices, and valuable fan data. The recent New Year’s Day terrorist attack in the city has only heightened concerns, leading to increased physical security measures such as enhanced surveillance, a larger police presence, and the use of drones and extra cameras to monitor for potential threats.
James DeMeo, a faculty member at Tulane University’s School of Professional Advancement specializing in sport event security, highlights the significance of the Super Bowl as a mega event designated by the Department of Homeland Security as a Special Event Assessment Rating 1 (SEAR 1), indicating the highest threat assessment level. Following the recent incident in New Orleans, DeMeo emphasizes the need for heightened event security.
Cybersecurity concerns related to ransomware, malware, and phishing threats directed at critical infrastructure and communication networks are top priorities for the security team. DeMeo stresses the importance of safeguarding command center controls to prevent bad actors from infiltrating key systems while maintaining a seamless fan experience. Law enforcement will also focus on protecting fan payment data and monitoring social media for signs of potential threats.
Drones are expected to play a crucial role in physical security measures at the Super Bowl, providing risk mitigation by monitoring crowds, managing crowd flow, and conducting reconnaissance for potential threats. Additionally, technologies like biometrics and iris scans can enhance risk mitigation efforts for event security teams.
Mike Storm, an engineer at Cisco, underscores the collaborative approach taken to prepare for high-profile events like the Super Bowl. Years of preparation involving various entities, including the host venue, tech vendors, and government agencies, are essential for coordinating responses to potential threats. Cisco’s partnership with the NFL aims to secure the game network using a range of technologies to ensure simplicity, visibility, reliability, and protection.
The proliferation of automated systems and services at events like the Super Bowl introduces new cybersecurity challenges, particularly in guarding against attacks targeting non-human identities (NHIs) and shared service accounts, APIs, and access keys. Tim Eades, CEO of Anetac, warns that automated accounts present vulnerabilities that can be exploited by bad actors to gain access to critical infrastructure and sensitive data. Securing these accounts is crucial to prevent unauthorized access to stadium systems and potential disruptions during the event.
As the Super Bowl approaches, the focus on cybersecurity readiness intensifies to protect against a range of threats that could compromise the event’s integrity and the safety of participants and fans. With ongoing vigilance and collaborative efforts from security teams and technology partners, organizers aim to ensure a safe and secure experience for all involved in the highly anticipated sporting event.