Hackers are ready for Euro 2024 finals kick offs! Will they be eliminated or score?

Blog AWS Security Cloud Infrastructure Cloud Security

Euro 2024 viewership has been strong throughout the event and millions of visitors and viewers of the games themselves are also expected. Berlin alone is expected to host 2.5 million tourists during the month of the games. Such a large and central event that generates huge sums of money is of course a very lucrative target threat factors – those who seek to profit and those who seek to disrupt and interfere.

As we exit the group stage and enter final eliminations, how will the hackers fare?

Sports teams and sports organizations in general, and football in particular, have already suffered from cyber attacks in the past. A study published several years ago by the UK NCSC regarding cyber threats to sports teams shows that around 70% of sports organizations in the UK suffer from cyber attacks each year, roughly double the normal average of the Industry. When you take a deeper look at the structure of those organizations, the reasons for this become clearer. Sports clubs and organizations are large, rich and high-profile organizations. They hold large amounts of valuable personal information. Specifically, the details of thousands, and sometimes millions, of fans who are members of various clubs. Additionally, there is also very sensitive information such as medical information of players worth millions, and finally information regarding transfers, purchases and more.

Several teams have recently suffered from cyber attacks

Two famous soccer clubs-Manchester United and Liverpool FC from the Premier League, for example, have both suffered from cyber attacks in recent years. Manchester suffered a ransomware attack that encrypted vital information, and may have even leaked it outside the organization. The information systems were shut down for several weeks and employees could not, for example, use the corporate email. It is unknonwn how the event ended (but most likely -the team paid the ransom). Their arch rivals- Liverpool FC also suffered from a cyber attack in 2018, during  which details of several hundred fans were stolen. Cyber ​​threats are not limited to the British Isles of course. In 2017, the sports team AC Milan suffered a cyber attack that included data theft and attempted financial extortion, and just two months ago, the French luxury club PSG suffered a cyber attack that included a hack into its computerized ticketing system.

Sensitive information

Different cyber attacks target not only clubs, which are, as we know, private and commercial entities, but also national and international organizations. FIFA – the governing body of world football – experienced cyber attacks in 2016, when the Russian attack group – Fancy Bear attempted to steal confidential documents and sensitive information. In 2018, the English Football Association (FA) suffered a cyber attack that caused a temporary disruption of Its actions, in 2020 the Swedish Football Association was attacked and misleading disinformation was spread on its website, and just a year ago the Dutch Football Association was hit by an attack in which the details of its employees were stolen.

These attacks can lead to commercials damage but also cause great embarrassment, if sensitive information is stolen and published. The Portuguese Roi Pinto, who is also known as “The Football hacker”, broke into various clubs and stole sensitive information which he published on a website called Football Leaks. The sensitive information exposed corruption and financial irregularities in the world of European football and led to investigations into violations of FIFA Fair Play regulations by Manchester City and Paris Saint-Germain, ending in a decision by UEFA to suspend Manchester City Club from the Champions League for two years. It also revealed a rape accusations against Football superstar Cristiano Ronaldo. When Pinto’s identity was finally revealed, he was put on trial for nearly 300 different charges and was convicted, but his sentence was change to four-year suspended sentence  (mainly due to public pressure to protect whistleblowers).

Politics, Cyber, and Football

There are many times where politics and sports collide and unfortunately that is usually in the cyber worlds. For example, a number of Israeli clubs suffered defacement attacks on their websites in recent months, some high profile social media accounts of footballers (and teams) were “hijacked” and used to spread propaganda. It is likely that someone will take advantage of the fact that all the eyes of the world will be on Germany and use the cyber dimension to spread anti-Israeli, anti-Russian messages or any other agenda.

Cyber ​​can also negatively disrupt

But the biggest fear is of course from a devastating cyber attack, one that will disrupt one of the ceremonies or games. The access control in the stadiums is electronic and the entire tournament is paperless. Based on experience, this has proven to be a be a weak point. In the past- a football club from the Football League Championship (2nd tier league in England) suffered a ransomware attack that locked the gates in the stadium before a game and prevented fans from entering.

To prepare against such a scenario, or more extreme ones, the Germans asked for help from everyone with cyber knowledge and expertise. They announced cooperation with France, which also faces similar challenges when it will host the Olympics later this summer, on security and information security issues. Together they established an international police liaison and coordination centre in the city of Neuss. Further alignment with the German Federal Information Protection Agency (BSI) regarding security standards is also being used to try to stop a cyber attack. The Ministry of Civil Defence held exercises and trainings to deal with a mass cyber incident.

In conclusion, Germany is setting the gold standard for cybersecurity. The Germans take the full breadth of threats seriously and prepare to deal with incidents of hooliganism, terrorism and cyber attacks. Past experience shows that organizers of such events have been able to successfully deal with attacks and successfully complete the events without any special disturbances. For us all to enjoy the tournament, we will keep our fingers crossed for the Germans and the other hosting nations that this record will not be broken this time either. The best outcome is no scores for the bad guys.

Blog

We may have recently been exposed to the largest cyber campaign of all times, in which China managed to completely penetrate the communications infrastructure of its great rival, the United States.In doing so, gained access to huge amounts of invaluable

Cloud Breach
Blog

The global cloud market continues to grow rapidly, growing 23% year-over-year. This year, Google captured 13%, up from 10% last year. Google complements this impressive growth rate with an emphasis on privacy and security. The commitment to security is clear,

Cloud BreachCloud SecurityCSPM
Blog

Re:Invent has come to a close and we had a great week! We kicked off the week with our product announcement. Did you know that most threat actors (70%) are logging into the cloud – they are not “breaking in”.

Cloud BreachCloud SecurityThreat Detection
Blog

Skyhawk Security is proud to announce the expansion of its cloud threat detection and response capabilities with Interactive CDR. This new capability expands the team that can verify if an activity is malicious or not, by going to the alleged

AICloud BreachCloud SecurityThreat Detection
Blog

Skyhawk Security announces the availability of new features and integrations of its Autonomous Purple Team, aimed at extending detection and improving security validation as well as pre-validating threat detection alerts, to effectively manage the security of your cloud. The company

AICloud BreachCloud SecurityThreat Detection
Blog

By Asaf Shahar, VP, Product at Skyhawk Security Securing cloud environments presents unique challenges due to their constantly evolving nature. CERT-IL’s alert on public cloud threats (ALERT-CERT-IL-W-1810) underscores common vulnerabilities—exposed credentials, service misconfigurations, and inadequate tenant isolation—frequently exploited by attackers.

AICloud BreachCloud SecurityThreat Detection

Thanks For Reaching Out!

One of our expert will get back to you
promptly at asafshachar@gmail.com

See the Purple Team
See the breach before it happens
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.