You might have heard the recent news that ‘Hacktivist’ group Anonymous announced they are preparing a full scale cyber-attack on the World Cup’s corporate sponsors during the tournament, in an interview with Reuters. and therefore, will also be the subject of most hacks, security threats and data breaches than any sporting event since London 2012.
The IT and network infrastructure in stadia and host cities will play a fundamental part of the World Cup and will – at periods of high bandwidth demand – be stretched to breaking point. With many media agencies and foreign companies logging onto networks, IT and security managers must be prepared for a data breach.
In reality, it’s a case of ‘when’ and not ‘if’. Organisations need to ‘protect the breach’, so encrypting user data is essential so that if information is compromised it is of no value. Further, a plan should be in place to respond quickly should a breach occur, as every user on the network could be at risk. Third parties using the infrastructure to provide a service will also need to ensure it is safe and that, should a breach occur, their data and users are protected.
Similarly, fans attending World Cup matches need to take a cautious approach to how they use the internet and the networks they connect to whilst visiting Brazil. The danger is not just that personal data could be compromised but also confidential corporate / business data. Increasingly, as people use one device for work and personal use, the volume of data threatened increases. People traveling to watch the tournament may then log back into the work network and spread viruses across the network to other employees. Anyone connecting a device to a public Wi-Fi spot without taking the necessary safety precautions should be wary of the fact that they could be opening the doors to a hacker. To be safe use two-factor authentication tools.
Information integrity is key. Organisations supplying official information to and from matches to external organisations such as media sites, news agencies, book makers etc. will be a constant target. If information becomes compromised and can’t be trusted then the integrity of the matches also becomes compromised. At its most extreme – imagine if the new goal line technology was hacked and data became inaccurate? This will be the first year in which FIFA will use goal-line technology. If it fails through a security breach, the ramifications would certainly be far-reaching.
> See also: Behind the beautiful game: ICT at UEFA
Hackers will also target broadcasters and attempt to disrupt live streaming of matches. For example, networks offering live broadcast technology, and sports matches will need to be encrypted, whilst at the same time ensuring a smooth viewing experience. Security measures cannot interfere with the audience’s seamless viewing experience, so as well as encrypting and decrypting live TV broadcasts, communications between multiple datacentres will need to be encrypted to ensure the security of these high-value World Cup TV transmissions.
The financial cost of any of the above attacks happening could be vast. But so too the cost to reputation is significant for ‘brand Rio and Brazil’. Over the next two years Brazil has the chance to establish a commerce and tourism legacy which will be felt for a generation. But high-profile security threats will erode the country’s reputation and confidence amongst travellers intending to visit the country, or businesses looking to invest or do business in the region in the future.
Finally, for those of us not travelling to Brazil, how safe are we back home? Well… with many users accessing match details and watching live broadcasts through their laptops and mobile devices, the risk involved with this must be considered. Web-based attacks are one of the primary vectors of malicious activity over the internet. World Cup-based viruses, attacks and scams will be common place over the next 8 weeks. Web-attack toolkits are only getting more sophisticated and therefore increasing numbers of web users will be affected. When visiting associated websites, ecommerce shops, or ticketing sites be certain that they are genuine and affiliated with the World Cup. Look out for abnormalities or signs that they may be fraudulent. If in doubt check the official World cup website.