Microsoft has released its fifth instalment of Cyber Signals, a cyber threat intelligence brief on the state of the cybersecurity landscape.

This edition focuses on high-profile or large sporting and entertainment events, especially those in increasingly connected venue environments, which can introduce cyber risk for organisers, regional host facilities, and attendees.

With the ongoing FIFA Women’s World Cup breaking attendance records and expecting up to 1.5 million attendees across the competition and a marquee summer line-up of music events, including Taylor Swift and Coldplay, cyber threats loom large, Microsoft finds. And these threats are diverse and complex.

They require constant vigilance and collaboration among stakeholders to prevent and mitigate escalation, and with the global sports market valued at more than US$600 billion, the target is rich, according to the company. Sports teams, major league and global sporting associations, and entertainment venues house a trove of valuable information desirable to cyber criminals.   

Information on athletic performance, competitive advantage, and personal information is a lucrative target. Unfortunately, this information can be vulnerable at scale, due to the number of connected devices and interconnected networks in these environments, Microsoft states.

Often this vulnerability spans multiple owners, including teams, corporate sponsors, municipal authorities, and third-party contractors. Teams, coaches, athletes, and fans are also vulnerable to data loss and extortion.  

Cyber Signals Volume Five and the accompanying blog detail these findings and offer security best practices for organisations and attendees of large events: 

• Have an additional set of eyes monitoring the event around the clock to proactively detect threats and send notifications. 
• Identify potential threats specific to the event, venue, or nation where the event occurs.
• Consider least privileged access a best practice: Grant access to systems and services only to those who need it and train staff to understand access layers.  

Microsoft states, attendees should:

1. Secure their apps and devices with latest updates and patches before the event.
2. Avoid accessing sensitive information from public Wi-Fi.
3. Avoid links, attachments, and QR codes from unofficial sources.

Mark Anderson, National Security Officer for Microsoft ANZ, says, “The increasingly digital nature of these types of events - from ticketing, point of sale systems, and interactive fan experiences, to athlete and team information and performance analytics - can create a target-rich environment for threat actors.

"The risks could be anything from criminals seeking to access information for financial gain, through to issue-motivated groups using the high-profile nature of the event to push their narrative and agenda."

Anderson continues, “This report shows how large and complex these events can be - Like in last year’s State of Qatar’s hosting of the FIFA World Cup where there were over 100,000 endpoints (mobile phones, computers, tablets, point of sale systems etc),144,000 identities and over 14 million emails to be protected.

"The responsibility for keeping these events safe does not rest solely with the organisers of these events. Every participant, attendee, employee and volunteer collectively has a role to play in defending against cyber criminals.

"For attendees, this means being vigilant about scams related to the event, while organisers must ensure the safety of the systems that support the event and be rigorous around how they protect and use the data needed to operate these events.”