Organizing bodies and key partners of the FIFA World Cup in Qatar this autumn have been warned to enhance their resilience against a potential barrage of cyber-threats.
Threat intelligence firm Digital Shadows claimed that the world’s most-watched sporting event would invite scrutiny from a variety of threat actors.
“Scams could present themselves in many forms. For instance, financially motivated threat actors often plant in malicious URLs spoofing these events to fraudulent sites, hoping to maximize their chances of scamming naive internet users for a quick profit,” it warned in a blog post.
“At the same time, hacktivist groups may exploit the public attention given to such events to exponentially increase the reach of their message. State-sponsored advanced persistent threat (APT) groups may also decide to target global sporting events like the Qatar 2022 World Cup to achieve state goals to the hosting country or the broader event community.”
After collecting threat data on the event over a 90-day period, the vendor highlighted the key risks to organizations as:
- Spoofed domains designed to lure users in phishing attacks. Digital Shadows identified 174 malicious domains impersonating official webpages
- Fake mobile apps designed to install adware, steal personal and financial data, extract cookies and credentials, and download further payloads – the researchers identified 53 of these
- Fake social media pages to spread scams, such as pyramid schemes, or help with social engineering attacks such as business email compromise (BEC) – Digital Shadows said it identified “dozens” of these
- Stolen credentials, which can be used to hijack corporate or customer accounts
- Hacktivists using DDoS to take down key online infrastructure in the name of the war in Ukraine, Iranian involvement or even the host nation
- Ransomware and initial access brokers (IABs)
Digital Shadows urged organizations to take a risk-based approach to cybersecurity ahead of the event, focusing on cyber-hygiene best practices such as regular patching, multi-factor authentication (MFA) and phishing awareness.
“A risk-based approach enables your organization to adapt its cybersecurity program to specific needs and vulnerabilities by considering the potential impact of a certain phenomenon and its likelihood,” it concluded.
“As such, along with observing the main threats, it is essential to analyze the motivations and capabilities of the actors that could potentially conduct malicious campaigns against you.”