CyberCX report indicates growing cyber risks to global sport
A new cyber insights report from CyberCX has found that the global sporting sector faces an increasingly hazardous cyber threat landscape as a broad range of threat actors demonstrate intent and capability to target sporting organisations and major events, with Australia becoming an increasingly attractive target.
The report, which assesses the cyber threat level to the sports sector as high, outlines that the US$512 billion global sports market is perceived by threat actors as a high-value target due to its profitability, sensitivity to operational disruption and the personal information of fans and staff, sensitive information on high-profile sports people and data relevant to sports betting.
Launching the report, CyberCX Chief Executive John Paitaridis said that putting the spotlight on cyber risk in sport had never been more important ahead of a year that will feature the 2024 Paris Olympic and Paralympic Games, the European Football Championships, and the ICC Men’s T20 World Cup, on top of a packed calendar of regular global and domestic sporting events.
Paitaridis advised “sport is big business. The sector contributes around $50 billion to the Australian economy annually, employs over 200,000 people directly and relies on a volunteer network of more than 1.8 million people (Australian Sports Commission figures, ed).
“As sporting codes and clubs in Australia ramp up the use of digital technologies for ticketing, marketing, operations, and events, and continue to collect and manage high volumes of sensitive data from members, staff and volunteers, the cyber-attack surface is growing, creating a greater cyber risk and exposure for the sports sector.
“The impacts of cyber incidents on the sport sector are wide ranging, with cyber extortion, third party breaches and hacktivism able to cause significant disruption to the event experience though outages and interferences, while also threatening reputational damage, regulatory and legal impacts from the disclosure of personal and sensitive information, financial loss and IP theft.
“By launching this report CyberCX is putting a spotlight on the heightened cyber risks to sporting organisations, and reinforcing our commitment to helping the sports sector and our communities stay cyber safe.”
The report reveals that there are a range of drivers for cyber threats in sport, including:
Economic drivers - Cyber extortion groups perceive sporting bodies to be more likely to pay ransoms to recover from operational disruptions.
Socio-political drivers - International profile and media attention makes sporting events attractive targets for advancing ideological and political issues, while association with prominent third-party brands and sponsors can attract controversy and political attention.
Geopolitical drivers - Sport is strongly associated with national identity and culture, increasing motivations for cyber espionage and influence campaigns.
Technology and organisational drivers - Rapid scale up of staffing and infrastructure for sporting events can introduce complexity and vulnerability into processes and systems, while third-party ticketing providers and broadcast partners introduce supply chain risk.
Explaining that that the report also puts a spotlight on the convergence of geopolitics and sports, CyberCX Intelligence Executive Director, Katherine Mansted stated “CyberCX has an elevated focus on the intersection between sports and geopolitics in a year that is likely to see deepening geopolitical fragmentation and political polarisation with armed conflict across three continents and high-stakes elections in more than 50 countries.
“Nation-states, especially authoritarian governments, are willing to use their intelligence and cyber capabilities to target and attack sports events and peak bodies to advance their national narratives and other malicious objectives.”
CyberCX is a leading provider of end-to-end cyber security and cloud services.
Click here to visit their website.
Image credit: CyberCX.
3rd February 2024 - Football Australia reveals data breach
24th December 2023 - Life Saving Victoria advises of cyber attack
16th March 2023 - Raging Waters Sydney impacted by ransomware attack
25th July 2022 - Western Australian arts organisation targeted in data breach
31st January 2022 - New Zealand tourism businesses facing cybersecurity challenges
13th November 2021 - Businesses need to brace for cyber threats ahead of holiday season
20th October 2020 - Reports reveal plan by Russian intelligence services to hack Tokyo Olympics
16th August 2019 - YMCA NSW locations impacted by ransomware attack
11th July 2018 - Ticketmaster Data breach alleged to be part of a wider fraud
11th July 2016 - AIS helping protect athletes from cybercrime
13th March 2014 - PaySmart continues to set industry benchmark in data security