Euro 2024 Becomes Latest Sporting Event to Attract Cyberattacks

  /     /     /  
Publicated : 23/11/2024   Category : security


Euro 2024 Becomes Latest Sporting Event to Attract Cyberattacks


Cybercriminals are selling credentials linked to the tournament on underground markets, with some geopolitics playing out in denial-of-service attacks.



With the Euro 2024 football tournament — soccer, to our US readers — reaching the final eight teams in the quarterfinals, cybercriminal activity has ramped up around the tournament and is posing risks for fans and their employers.
In a report published last month, threat intelligence firm Cyberint found that more than 15,000 credentials belonging to Union of European Football Associations (UEFA) customers have already been exposed on underground forums, identified by the uefa.com domain in URLs connected with the usernames and passwords. In addition, another 2,000 credentials have appeared for sale on the Dark Web.
While most credentials belong to consumers, individuals often will sign up for a service with their work email address, giving cyberattackers a potential lead to pursue for future attacks, says Darja Feldman, threat intelligence team lead at Cyberint.
Employees should be instructed not to share, or not to use, their corporate credentials to sign up for non-business services, she says, adding that employees should also specifically be warned against reusing passwords. The lack of hygiene with passwords, where people just reuse their corporate accounts — not just the email, but also the passwords — for third-party services give a vector for the threat actor to get into company accounts.
Its a timely reminder given that major sporting events are often the target of cyberthreat actors. Destructive attacks targeted digital infrastructure for the 2018 Winter Olympics, originally appearing to come from the North Korean Lazarus group, but later found to be the work of the Russia-linked Fancy Bear APT,
which conducted a false-flag operation
. Hackers have also
targeted the Twitter accounts
of teams in the United States National Football League (NFL), China-linked threat actors
aimed to disrupt the 2022 World Cup in Qatar
, and cybersecurity experts warn that
the coming Summer Olympics in Paris could be next target
.
Cyberattackers have already targeted Euro 2024 beyond stealing credentials, with suspected Russia-linked hackers leveling a distributed denial-of-service (DDoS) attack at the online broadcast of Polands Group D opener against Estonia. Pawel Olszewski, Polands deputy minister of digital affairs,
blamed the Russian Federation for the attack
. Russias team has been
barred from the tournament
.
DDoS attacks can be among the most pernicious for live sporting events, cybersecurity firm
Radware stated in a June 10 advisory
. The company pointed to the frequent
DDoS attacks that disrupt e-sports matches
, for instance, such as tournaments around the popular League of Legends video game.
Euro 2024 — and other sporting events — will likely see more DDoS attacks in the future, Radware said.
Given the scale and global interest in the tournament, it is a high-value target for cybercriminals and nation-state actors, the company stated. This
threat was highlighted during the Tokyo 2020 Olympics
, where reports of millions of cyberattacks were prevented, underscoring the scale of cyberthreats to large international events.
In the first quarter of 2024, Europe had already seen twice as many attacks compared to the last quarter of 2023, Juhan Lepassaar, head of the European Union Agency for Cybersecurity (ENISA), told the Associated Press. He squarely blamed Russian cyber operations and hackers for the increase.
This is part of the Russian war of aggression, which they fight physically in Ukraine, but digitally also across Europe, he said in late May,
according to the Associated Press
, adding, I do believe that we have a societal challenge ahead of us to understand digital security in the same way that we understand security in the everyday traffic environment.
Overall, the level of credential collecting, phishing attacks, DDoS attacks, and other threat activity has not necessarily increased in underground markets, but it has shifted to focus on the Euro 2024 tournament. And, as the 2024 Summer Olympics approaches, Cyberints Feldman expects attackers focus to shift again.
We do expect attack attempts by major state-sponsored threat actors on the Olympics, she says. Everything is almost the same as UEFA, the same [types of attacks] are going to happen with the Olympics — with credentials, with ticket fraud, with all kinds of scams, all kinds of malicious apps and malicious files that are being sent around to people and to customers.
Russian and Belarusan athletes will be allowed to compete in the 2024 Olympics, but only as neutral participants, without any flags or emblems,
the International Olympic Committee has ruled
. Whether that means fewer attacks from hacktivists and nation-state actors remains to be seen.

Last News

▸ CryptoWall is more widespread but less lucrative than CryptoLocker. ◂
Discovered: 23/12/2024
Category: security

▸ Feds probe cyber breaches at JPMorgan, other banks. ◂
Discovered: 23/12/2024
Category: security

▸ Security Problem Growing for Dairy Queen, UPS & Retailers, Back off ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Euro 2024 Becomes Latest Sporting Event to Attract Cyberattacks