Thanks to lucrative TV rights and sponsorship deals, Football and Rugby teams are operated in much the same way as any other business and as such, cyber security needs to be taken into account to protect sensitive data.
The world’s biggest Football clubs are global franchises that earn billions and as such are targets for hackers and other cyber criminals. In 2013-14 the 20 teams in the English Premier League made a combined revenue of £3.26 billion, a rise of 29% on the previous year.
It’s not just financial data that is at risk either, a hacker could steal secret transfer market information, club secrets or data on fans buying tickets to games online. There is also the clubs reputation that could be damaged by a security breach.
Most Football and Rugby teams now use social media extensively to interact with their fans and have greatly increased their use of the internet over the last few years. Due to their large following, they are a target for hacktivists.
Due to the large size of the biggest teams they have (hopefully) robust cyber security measures in place; for smaller clubs however, this is often not the case.
An incident that occurred early in 2015 saw ISIS hackers breach the Twitter account for non-league side Heybridge Swifts. The club boasts just 100 regular fans for home games but the incident highlights that football teams are a potential target for hackers.
During the 2014 World Cup in Brazil, fans were targeted by hackers. Football fans who were looking for tickets and live streams for World Cup matches were targeted. The cyber criminals distributed links that promised free live streams of Football World Cup matches, but in reality was malware which provides hackers the full access to the victim’s computer.
Fortunately lessons were learned from this and ahead of this year’s Rugby World Cup, UK law enforcement and ticket agencies put cybersecurity measures in place to deter such illegal practises.
It’s Not Just The Teams At Risk
In 2013, fans of Real Madrid Football Club were the victims of spear phishing attacks via social media. Fans who were using Facebook saw an image of Real Madrid star Cristiano Ronaldo on their screen in what appears to be a Real Madrid website. Naturally the fan would click on the link and be taken to a page that prompted them to sign in, unbeknown to the user the site was a fake. When they signed in the cyber attackers were able to see their personal information. As many fans use the same passwords for different sites the hackers were able to gain access to other sites including bank accounts as well as able to sell the passwords on the dark web.
Football and Rugby fans should ensure that they do not use their favourite team as their password. If a hacker decided to embark on a bit of social engineering and scout out a potential victims social media pages there is a good chance that the fan will mentioned their team in some form or another. It would then not be difficult for the hacker to figure out the password.
With both sports increasing its presence online the industry needs to keep up to date with the latest cyber security threats.
Don’t become a target, invest in protection and seek the advice of the professionals at PGI Cyber.