Scoring a Goal in Cybersecurity

Rogue Access Points

According to Gary Lineker, former England player, soccer is “a simple game. Twenty-two men chase a ball for 90 minutes”. While that is the general concept, soccer is a far more complicated sport that relies on well-thought-out strategies and tactics. And just like all other industries, soccer – and sport in general – has found a valuable friend in technology to advance those well-thought-out strategies and tactics. In fact, technology has brought more benefits to soccer than just match performance. But no matter what you’re using technology for, as long as you’re using it, you become a target for cyberattacks, and soccer is no exception. There are cybersecurity risks even related to soccer…

Data

The value of data in sport is nothing new, yet technological advancements have made dramatic improvements to the collection and analysis process. In soccer, data helps increase the chances of winning, whether by improving player performance or the team’s tactics and strategies. Therefore, copious amounts of data from matches and training are collected and analyzed. Soccer players are equipped with numerous sensors all over the body. These sensors monitor their location, distance covered, fitness levels, muscle activity, and many other metrics. The data gathered is analyzed to improve any weaknesses, avoid injuries, and assess tactics. Further, data collection in real time allows for more effective tactical and strategic decisions during matches. Matches themselves provide an abundance of data about the team’s performance and their opponent’s, which is extremely beneficial to match analysis. Actionable conclusions are drawn from such data that enable the team to perform more effectively in future games.

Soccer has the biggest fan following of all sports, with an estimated 3.5 billion fans. The popularity of soccer has made it one of the most expensive sports in the world. And of course, soccer teams want to keep it this way. Doing this means giving fans the best possible experience – on and off the pitch. And data is the means to such an end. Soccer teams will gather as much data as possible about their fans to provide experiences that keep them engaged and, in turn, maintain their loyalty (and by loyalty we mean financial support). In fact, many of the methods used to keep fans engaged actually generate more data about the user, from games and competitions to exclusive content and subscriptions. 

A target

It’s simple – data is valuable. But not just to the team collecting it. This means different malicious actors will see soccer teams as worthy targets for a data breach. Rival teams might carry out a reconnaissance attack, snooping around to see what data the victim team possesses and how they use it to their advantage. The attacking team can then adjust their strategies and tactics accordingly to outperform their opponent. For financially motivated cybercriminals (which is the motive behind more than 70% of breaches), team, player and fan information can sell for high amounts. However, the more obvious reason soccer attracts financially motivated cybercriminals is that there is a LOT of money in soccer.

Soccer Cybersecurity Risks

In 2017, the transfer fee of Neymar from Barcelona to Paris Saint-Germain was just more than $250 million. And the total amount of transfer fees in 2019 amounted to $7.35 billion. With such high transfer fees, it is no surprise that, in 2020, a bad actor hacked into a Premier League club’s managing director’s email to try and pocket a $1.3 million transfer fee through a man-in-the-middle (MiTM) attack. While this attack got intercepted at the last minute, it doesn’t mean attackers can’t score a goal (and they have, but more on that later), so soccer teams need to view the cybersecurity match as just as important as the match on the field.

Tackle!

Soccer teams rely on IoT devices for data collection – and for less important tasks. But no matter what the device is used for, it requires the highest levels of security since all IoT devices act as a point of entry to an organization’s network. Worryingly, however, half of organizations do not implement sufficient security measures on their IoT devices, leaving them extremely vulnerable to attack. Remember when I mentioned that attackers have successfully attacked soccer teams?

One such attack exploited an English Soccer League club’s IoT CCTV camera to gain deeper access to the network through lateral movement. Thought a CCTV camera’s only use was to provide security? Well, in this case it did the exact opposite. It was a simple lack of physical security that allowed the attacker to initiate the attack and a further lack of network segmentation that enabled lateral movement. And, with soccer stadiums full of people (well, hopefully, they will be again in the near future), it is easy for a hardware-based attacker to slip in and out of the crowd and quickly implant a Rogue Device. So, whatever information the attacker is after, any of the IoT devices in use can act as an access point to that information.

Save!

Hardware-based attacks are extremely threatening due to their covert nature. Rogue Devices operate on the Physical Layer, which goes uncovered by existing security solutions. A lack of Physical Layer visibility means that a victim will only know it is a victim when it’s too late. But with Sepio Systems’ Hardware Access Control (HAC-1) solution, this need not be the case. The HAC-1 solution provides entities with the Physical Layer coverage they need to obtain complete device visibility and, in doing so, also protects against hardware-based attacks. As the leader in Rogue Device Mitigation (RDM), Sepio’s solution identifies, detects and handles all peripherals; no device goes unmanaged.

In addition to the deep visibility layer, a comprehensive policy enforcement mechanism recommends best-practice policies and allows the administrator to define a strict, or more granular, set of rules for the system to enforce. Such capabilities enable a Zero Trust Hardware Access approach. And when a device breaches the pre-set policy, HAC-1 automatically instigates a mitigation process that instantly blocks unapproved or Rogue hardware. Give us just 24 hours to show you that we’re the player your team is missing for a clean sheet.

