shutterstock_331280963-[1600×900]
This time next year the eyes of the world will be fixed on the Football World Championships; excitement is already building, with this event taking place across the US, Canada and Mexico, promising an unrivalled experience over its 39 days.
ai-generated-football
However, with the increased size and scale of next year’s tournament there are complex cybersecurity challenges to be addressed, for everyone involved. Drawing on his experience in helping to defend Internet performance and availability over the past 20+ years, including multiple major sporting events[1], Darren Anstee, CTO for security at NETSCOUT, talks to some of the risks facing the tournament organisers, sponsors, media organisations and critical infrastructure providers, how these risks have changed and the best-practices for their management.
“One of the key cyber threats facing anyone associated with the delivery of these high-profile events is the Distributed Denial-of-Service (DDoS) attack. These attacks are a popular weapon as they are easy to generate, hard to trace back to a perpetrator, and can disrupt events at multiple levels, from media coverage and merchandise sales, right the way through to physical infrastructure.
“Unfortunately, over the past few years we’ve seen a huge rise in the number and sophistication of hacktivist groups out there leveraging DDoS. These groups are often primarily geo-politically motivated, and are well-resourced with access to sophisticated attacks tools. Major sporting events are seen as a valid target by these groups, and thus understanding their capabilities and how they have evolved, is essential for successful defence.
“From the 2012 London Summer Games[2] to last year’s EURO 2024 in Germany[3], threat actors routinely target global sporting events with DDoS attacks. The scale and visibility of next year’s Football World Championships, coupled with ongoing geo-political tensions, makes it a marquee target for cybercriminals, with the tournament’s geographically distributed footprint offering cybercriminals a large threat surface to go after.
“Even with the tournament still nearly a year away, we should expect threat actors to start probing the defences of organisers, sponsors and critical infrastructure providers – especially internet service providers (ISPs) – to map their capabilities. If previous experiences are anything to go by, we should expect waves of attacks every few months in the lead up to the competition, as attackers undertake reconnaissance, and test their own tools and capabilities.
“To evade potential disruptions, preparation is key. Understanding the current threat landscape and ensuring defensive capability is consistent across the supply chain is essential to success. This isn’t just about technology, it’s also about threat intelligence and having the right operational resources and processes in place.
“With the Football World Championships kicking off on 11th June 2026, organisers, sponsors and critical infrastructure providers have just under a year to ensure they’re ready to welcome the world – threat actors and all.”