NCSC Helping Man United Recover from Cyber-Attack

The National Cyber Security Centre (NCSC) is assisting Manchester United in dealing with the cyber-attack which struck the English football club last week.

Last Friday, the Premier League side confirmed in a statement that an incident had taken place,  following which affected systems were shut down to “contain the damage and protect data.”

One week later and the club’s internal IT system is not fully back up and running, with staff still unable to access emails alongside other operations. The NCSC is now helping Manchester United as it seeks to secure its network before restoring its IT system to full capacity.

A NCSC spokesperson is quoted as saying: “The NCSC is aware of an incident affecting Manchester United football club and we are working with the organization and partners to understand the impact.”

In its original statement, Manchester United said that its website and app were unaffected by the attack and it was not aware of any breach of personal data belonging to fans or customers, and this was reiterated on Thursday night. Quoted in The Guardian, the new statement read: “This attack was by nature disruptive, but we are not currently aware of any fan data being compromised.

“Critical systems required for matches to take place at Old Trafford remained secure and games have gone ahead as normal.”

Manchester United added that it would not be commenting on who was responsible for the attack or the motives that lay behind it.

Security experts have suggested the attack is likely to be ransomware. Commenting earlier this week, Jon Niccolls, EMEA & APAC incident response lead at Check Point, said: “It isn’t clear what type of attack hit the club, but as its statement mentioned that it ‘shut down affected systems to contain the damage and protect data,’ this suggests ransomware, and possibly a double extortion attack where the attackers both steal data with the threat of leaking it, as well as encrypting it to disrupt operations.”

Commenting on the incident, Adam Enterkin, SVP, EMEA, BlackBerry, told Infosecurity: “The exploitation of sporting giants by cyber-criminals is not a surprise. Amid a pandemic characterized by opportunistic cyber-attackers, and a huge deficit of security professionals in the UK, such an attack was all but inevitable. Manchester United isn’t the first to be hacked, and it won’t be the last.

“These attacks are, however, preventable. The truth is that the entire nation needs better cyber-hygiene. Even national institutions like sports teams can fall prey to simple phishing emails, which are responsible for a large proportion of cyber-attacks. Cyber-criminals are waiting for organizations and the public to drop their guard. We must not give them the opportunity.” 

“Ultimately, security teams at football clubs need the same tech as major banks and hospitals, to protect livelihoods and customer data. AI technology can help manage the volume of potential threats, spotting anomalies in data and dealing with menial and repetitive tasks whilst flagging potentially serious situations to the cybersecurity team. Humans and tech must work hand-in-hand, so the professionals are equipped with the right knowledge and skill sets to keep our nation’s much-loved sporting institutions safe.”

What’s Hot on Infosecurity Magazine?