Microsoft has issued a warning regarding the increasing threat posed by malicious cyber actors to stadium operations, particularly during live sporting events. The company’s Cyber Signals report, emphasizes the expanding cyber risk landscape in this domain.
Valuable data related to athletic performance, competitive advantage, and personal information is a prime target for cybercriminals, with sports teams, major leagues, and entertainment venues becoming potential victims due to their treasure trove of sought-after information. This vulnerability is exacerbated by the extensive use of interconnected networks and connected devices within these environments.
Of note, Microsoft highlights the specific vulnerability of hospitals providing essential support and health services for fans and players. The report underscores the risk of ransomware attacks that could disrupt these critical services.
To counter such threats, Microsoft is advocating several security measures. This includes disabling unnecessary ports, rigorous network scanning for unauthorized wireless access points, securing attendee apps and devices with the latest updates and patches, and cautioning against the use of public Wi-Fi for accessing sensitive data or scanning QR codes from untrusted sources. Commerce systems are advised to maintain up-to-date point-of-sale devices connected to separate networks, and stadium operations are encouraged to establish logical network segmentations to isolate IT and OT systems and limit device cross-access.
In an effort to deter cyber adversaries, Microsoft suggests a proactive approach, urging organizations and security teams to configure systems before events, conduct testing, create snapshots of systems and devices, and ensure swift redeployment capabilities for IT teams.
These precautions are aimed at mitigating the risk of opportunistic attacks on poorly configured networks within the high-profile, target-rich environments of large sporting events.