Russia is often suspected as a hotspot of hacking and state-sponsored hacking activity, and the FA has revealed its concern that sensitive information like injury, squad selection and tactics could be exposed.
“The steps taken by the FA to strengthen its cyber security ahead of the 2018 World Cup are equally simple and effective,” according to Bryan Campbell, senior security researcher at Fujitsu UK & Ireland.
“It’s been known that hackers can exploit WiFi connections to compromise or steal user data, and consumers have been warned on numerous occasions not to access unknown Wi-Fi sources. Now that the FA will provide its own internet access and staff and players have been asked not to use WiFi in hotels or cafes, hopefully we can see the general public become more aware of this danger and avoid putting their data at risk. The FA also advised players to think twice before posting anything on social media, such as photos that can reveal details of their location or personal information, and this should apply to all internet users. The greatest defences are often the least exciting, and consist of doing the basic IT housekeeping well.”
The worry over data theft was increased following the leak of the use of banned medicines in football by Russian hacking group, Fancy Bear.
The FA has made these feelings clear surrounding their worry about IT security in a letter to Fifa.
>See also: Cyber security is a ‘people problem’
In response to this letter, a Fifa spokesman said: “Fifa has informed the FA that [it] remains committed to preventing security attacks in general and that, with respect to the Fancy Bears attack in particular, it is presently investigating the incident to ascertain whether Fifa’s infrastructure was compromised.”
“Such investigation is still ongoing. For the purposes of computer security in general, Fifa is itself relying on expert advice from third parties.”
“It is for this reason that Fifa cannot and does not provide any computer security advice to third parties.”
Hubert Da Costa, VP EMEA at Cradlepoint, comments: “As high-profile data breaches keep stacking up, more organisations are realising they need to prepare in advance for situations where their people might be tempted to use unsecured public Wi-Fi. Reducing risk is about knowing which threats your organisation is likely to face in which situations.”
“For temporary events like next summer’s World Cup in Russia, using a 4G LTE wireless network for Internet connectivity would provide greater levels of control and security. This can be quickly and easily deployed — without involving a third-party installation company — and moved around to provide connectivity where and when it’s needed.”
“Significantly this removes the risk of connecting to public Wi-Fi networks and provides the high level of network security required to protect sensitive player and squad data.”