Hackers are ready for Euro 2024 finals kick offs! Will they be eliminated or score?

Blog AWS Security Cloud Infrastructure Cloud Security

Euro 2024 viewership has been strong throughout the event and millions of visitors and viewers of the games themselves are also expected. Berlin alone is expected to host 2.5 million tourists during the month of the games. Such a large and central event that generates huge sums of money is of course a very lucrative target threat factors – those who seek to profit and those who seek to disrupt and interfere.

As we exit the group stage and enter final eliminations, how will the hackers fare?

Sports teams and sports organizations in general, and football in particular, have already suffered from cyber attacks in the past. A study published several years ago by the UK NCSC regarding cyber threats to sports teams shows that around 70% of sports organizations in the UK suffer from cyber attacks each year, roughly double the normal average of the Industry. When you take a deeper look at the structure of those organizations, the reasons for this become clearer. Sports clubs and organizations are large, rich and high-profile organizations. They hold large amounts of valuable personal information. Specifically, the details of thousands, and sometimes millions, of fans who are members of various clubs. Additionally, there is also very sensitive information such as medical information of players worth millions, and finally information regarding transfers, purchases and more.

Several teams have recently suffered from cyber attacks

Two famous soccer clubs-Manchester United and Liverpool FC from the Premier League, for example, have both suffered from cyber attacks in recent years. Manchester suffered a ransomware attack that encrypted vital information, and may have even leaked it outside the organization. The information systems were shut down for several weeks and employees could not, for example, use the corporate email. It is unknonwn how the event ended (but most likely -the team paid the ransom). Their arch rivals- Liverpool FC also suffered from a cyber attack in 2018, during  which details of several hundred fans were stolen. Cyber ​​threats are not limited to the British Isles of course. In 2017, the sports team AC Milan suffered a cyber attack that included data theft and attempted financial extortion, and just two months ago, the French luxury club PSG suffered a cyber attack that included a hack into its computerized ticketing system.

Sensitive information

Different cyber attacks target not only clubs, which are, as we know, private and commercial entities, but also national and international organizations. FIFA – the governing body of world football – experienced cyber attacks in 2016, when the Russian attack group – Fancy Bear attempted to steal confidential documents and sensitive information. In 2018, the English Football Association (FA) suffered a cyber attack that caused a temporary disruption of Its actions, in 2020 the Swedish Football Association was attacked and misleading disinformation was spread on its website, and just a year ago the Dutch Football Association was hit by an attack in which the details of its employees were stolen.

These attacks can lead to commercials damage but also cause great embarrassment, if sensitive information is stolen and published. The Portuguese Roi Pinto, who is also known as “The Football hacker”, broke into various clubs and stole sensitive information which he published on a website called Football Leaks. The sensitive information exposed corruption and financial irregularities in the world of European football and led to investigations into violations of FIFA Fair Play regulations by Manchester City and Paris Saint-Germain, ending in a decision by UEFA to suspend Manchester City Club from the Champions League for two years. It also revealed a rape accusations against Football superstar Cristiano Ronaldo. When Pinto’s identity was finally revealed, he was put on trial for nearly 300 different charges and was convicted, but his sentence was change to four-year suspended sentence  (mainly due to public pressure to protect whistleblowers).

Politics, Cyber, and Football

There are many times where politics and sports collide and unfortunately that is usually in the cyber worlds. For example, a number of Israeli clubs suffered defacement attacks on their websites in recent months, some high profile social media accounts of footballers (and teams) were “hijacked” and used to spread propaganda. It is likely that someone will take advantage of the fact that all the eyes of the world will be on Germany and use the cyber dimension to spread anti-Israeli, anti-Russian messages or any other agenda.

Cyber ​​can also negatively disrupt

But the biggest fear is of course from a devastating cyber attack, one that will disrupt one of the ceremonies or games. The access control in the stadiums is electronic and the entire tournament is paperless. Based on experience, this has proven to be a be a weak point. In the past- a football club from the Football League Championship (2nd tier league in England) suffered a ransomware attack that locked the gates in the stadium before a game and prevented fans from entering.

To prepare against such a scenario, or more extreme ones, the Germans asked for help from everyone with cyber knowledge and expertise. They announced cooperation with France, which also faces similar challenges when it will host the Olympics later this summer, on security and information security issues. Together they established an international police liaison and coordination centre in the city of Neuss. Further alignment with the German Federal Information Protection Agency (BSI) regarding security standards is also being used to try to stop a cyber attack. The Ministry of Civil Defence held exercises and trainings to deal with a mass cyber incident.

In conclusion, Germany is setting the gold standard for cybersecurity. The Germans take the full breadth of threats seriously and prepare to deal with incidents of hooliganism, terrorism and cyber attacks. Past experience shows that organizers of such events have been able to successfully deal with attacks and successfully complete the events without any special disturbances. For us all to enjoy the tournament, we will keep our fingers crossed for the Germans and the other hosting nations that this record will not be broken this time either. The best outcome is no scores for the bad guys.


The EU Network and Information Security (NIS) Directive will be update to a newer version, NIS2 on 17 October 2024.  NIS1 was signed exactly 8 years ago, on July 2016 with the aim of achieving “a high common level of security

Cloud SecurityCloud BreachData BreachDDoS

At the RSA conference there was a CISO panel, talking about the perils of becoming a CISO. Joe Sullivan, the CISO of Uber who just avoided jail time but did have to pay a $50,000 fine has noticed a real

ManagementAICloud BreachCloud SecurityData BreachThreat Detection

Euro 2024 viewership has been strong throughout the event and millions of visitors and viewers of the games themselves are also expected. Berlin alone is expected to host 2.5 million tourists during the month of the games. Such a large

Cloud SecurityAICloud BreachData BreachThreat Detection

According to Gartner, 75% of organizations have a Continuous Threat Exposure Management program in place or are evaluating it. Why are so many organizations embracing this approach? In our opinion, it is the embracing of continuous feedback. As Skyhawk focuses

Cloud SecurityAICloud BreachData BreachThreat Detection

One of the reasons security teams are not successful is they are always looking back, looking back at the breach or the exposure or the alert. They are not able to look forward to prevent the breach, exposure, or alert

Cloud SecurityAICloud BreachData BreachData ScienceThreat Detection

At Skyhawk, we have always known that CSPM, and even the next-gen of CSPM known as CNAPP, is not enough.  In fact, by 2026, 50% of the attack surface will not be patchable, meaning CSPM/CNAPP solutions will not be effective.

Cloud SecurityAICloud BreachData BreachData ScienceThreat Detection

Thanks For Reaching Out!

One of our expert will get back to you
promptly at asafshachar@gmail.com

See the Purple Team
See the breach before it happens
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.