News
Rugby World Cup highlights need for cybersecurity around major sporting events, Yubico Comments
September 2023 by Yubico
The Rugby World Cup* is currently taking place, during which teams, associations, and venues will share and process vast amounts of sensitive information – which is extremely valuable to cyber criminals. This, and other major sporting events, are extremely vulnerable to cyber attacks, especially from bad actors with financial motives.
GlobalData’s newly released Cybersecurity in Sport report**, warns that sport will become an increasingly common target for cyberattacks. With 70 percent*** of sports organisations experiencing a cyber incident per annum, major events such as the Rugby World Cup face an even higher threat. For example, many fall victim to spear-phishing, whereby usernames and passwords are obtained from staff and attacks are aimed at those in senior roles who can authorise financial transactions.
Niall McConachie, regional director (UK & Ireland) at Yubico, explains how sporting organisations can best prevent these phishing attacks with effective cyber security practices such as phishing-resistant multi-factor authentication (MFA):
“Previous business email compromises (BEC) around major sporting events underscore the urgency for enterprises to establish and enforce human-centric security best practices that are supported by modern phishing-resistant MFA. Traditional password-based authentication has proven insufficient in the face of these evolving threats, and as email-based phishing attacks grow in sophistication and targeting, even tech-savvy individuals can fall victim.
“To effectively mitigate these types of attacks around major sporting events, organisations should implement passwordless cybersecurity such as strong two-factor authentication (2FA) or MFA. By removing the need for passwords, strong 2FA and MFA are more user-friendly and bridge the gap between personal and professional data security. Phishing-resistant FIDO2 security keys, for example, have proven to be the most effective option to keep businesses and people secure online.
“Phishing-resistant MFA, that comes in the form of a FIDO2 security key, helps organisations better protect online accounts without relying on the user’s vigilance. Unlike conventional MFA methods vulnerable to phishing, this approach focuses on identity verification and intent through deliberate action. While common, passwords, SMS, OTPs, security questions, and push notifications are susceptible to various attacks. By adopting phishing-resistant MFA, sporting organisations can protect digital identities against evolving threats and safeguard sensitive information.”
