Just recently, I have the opportunity to view a behind-the-scenes tour of security at Major Leage Baseball’s Fenway Park, home of the Boston Red Sox. Even though the park is the oldest in major league baseball (1912), I was amazed in the use of high tech being employed in their security program. Microsoft is now warning of the threat malicious cyber actors pose to stadium operations, warning that the cyber risk surface of live sporting events is "rapidly expanding." "Information on athletic performance, competitive advantage, and personal information is a lucrative target," the company said in a Cyber Signals report. "Sports teams, major league and global sporting associations, and entertainment venues house a trove of valuable information desirable to cybercriminals. Unfortunately, this information can be vulnerable at-scale, due to the number of connected devices and interconnected networks in these environments."
Personally Identifiable Information (PII), which if lost, compromised or disclosed without authorization, could/will result in identity theft and unauthorized charges to credit cards. Ticket sales and vendors at sporting events can be targets for hackers hoping to harvest a large number of credit card credentials for future sale on the dark web.[1]
Cyber Signals specifically singled out hospitals delivering critical support and health services for fans and players as being targets of ransomware attacks, resulting in service disruptions.
To defend against such attacks, Microsoft is recommending:
- Companies disable unnecessary ports and ensure proper network scanning for rogue or ad hoc wireless access points.
- Attendees secure apps and devices with latest updates and patches, avoid accessing sensitive data over public Wi-Fi, and refrain from scanning QR codes from untrusted sources.
- Commerce systems ensure Point-of-Sale (PoS) devices are patched, up to date, and connected to a separate network, and
- Stadium operations implement logical network segmentations to create divisions between IT and OT systems and limit cross-access to devices.
"Ideally, organizations and security teams could configure their systems before the event to complete testing, snapshot the system and devices, and make them readily available to IT teams to rapidly redeploy when needed," Microsoft’s spokesman said. “These efforts go a long way in deterring adversaries from taking advantage of poorly configured, ad hoc networks within the highly desirable, target rich environments of large sporting events."
This article is presented at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
Reporting: https://www.redskyalliance.org/
Website: https://www.redskyalliance.com/
LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5993554863383553632
[1] https://thehackernews.com/2023/08/microsoft-flags-growing-cybersecurity.html
Comments