Cybercriminals may have upped their game during the FIFA World Cup 2014 tournament but malicious activity almost completely stopped during the final between Argentina and Germany on Sunday, according to researchers.
Enterprise security firm Imperva recently analysed data collected from its threat intelligence service Community Defense, mapping game dates and times to GMT for every match from the quarter finals on.
“In order to look at a soccer match as a complete event we measured an hour prior to the game, the game itself (which mostly lasted around two hours), and an hour post game,” Imperva security strategy director Barry Shteiman wrote in a blog post.
“As a precursor step, we built a baseline average of attacks and attack campaigns during that time window throughout June/July on matching days (mostly weekends) when games weren’t on. This serves as a baseline.”
The frequency of attacks in a comparable timeslot to a World Cup match is around 2125 per hour – or 441 attack campaigns, he added.
However, after normalizing the data to fit it into one-hour slots, Imperva found that during the World Cup final attacks/hour had dropped to just 160.5, while attack campaigns/hour stood at 53.5.
In the hour after the match they sunk even lower – to 34 attacks/hour or 22 attack campaigns/hour.
“Hackers like soccer so much, that they put their weapons down during the Finals,” wrote Shteiman. “Attacks during the Finals were only 2% in volume compared to the rest of the games.”
The data is all the more interesting given that for other World Cup games studied by Imperva, attacks actually increased by as much as 2.83 times the normal rate.
One possible contributing factor is that the World Cup final was played on a Sunday, Shteiman added.
Major sporting events like the FIFA World Cup are usually a magnet for cybercriminals keen to exploit worldwide interest to launch malicious spam and phishing attacks and other online cons.
This year’s event had the added danger of hacktivists claiming to be part of Anonymous, who defaced and DDoS-ed dozens of Brazilian sites in protest at the large sums of money lavished on the tournament despite vast social inequality and failing public services in the country.