IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

FIFA World Cup in Russia Bringing Cyberthreats at Home and Abroad

The No. 1 global sporting event, which only comes around once every four years, is about to begin in Russia. Billions of people are expected to be watching and commenting and clicking on all things football (soccer) over the next month. But with all the fun, and money and attention, there are criminals preparing as well. Let’s explore the FIFA World Cup cyberthreats and what can be done about security.

Credit Shutterstock/kovop58
Despite the sad fact that Team USA didn’t make the cut, the greatest show on earth must go on.

As the top national soccer teams prepare for the 2018 FIFA World Cup in Russia beginning on June 14, there have already been plenty of media reports regarding security concerns:

As I predicted back at the beginning of the year, cyberchallenges were sure to surface at such a huge sporting event with global interest. Most of the media articles over the past few months have been focused on the physical threats to those attending the games live, as well as the Wi-Fi hot spots they may use.

Here’s what had to say about World Cup 2018 Wi-Fi hotspots becoming a major security risk for fans (UK spelling): “Kaspersky Lab analysed public Wi-Fi hotspots across 11 host cities, including Moscow, Sochi, and Saint Petersburg, finding that many did not have encryption and authentication algorithms built-in. This means that hackers would only need to be located near a Wi-Fi hotspot to be able to intercept network traffic and get confidential information from unwitting or unprepared users. The three cities with the highest percentage of unreliable Wi-Fi networks were Saint Petersburg (37%), Kaliningrad (35%), and Rostov (32%). 

Kaspersky Lab is urging football fans to ensure they can trust any network they connect to, turn off their device's Wi-Fi connection when not in use, and use a VPN to get online if possible. …”

No these threats at the World Cup are not new. We experienced similar security concerns and even some DDoS and Web defacement incidents at the last World Cup in Brazil in 2014.

One very unique aspect to the beginning of this World Cup will be the global attention given to the North Korea Summit this week just as the World Cup is set to begin. President Trump is heading to Singapore for the summit with North Korea’s leader Kim Jong Un. Predictions on what will happen after the North Korea summit are all over the map.

World Cup Excitement Building

Meanwhile, global excitement for soccer is building to a fever-pitch, especially in 32 countries that qualified for these games. Here is a brief video to describe the FIFA World Cup preparations.

But even in countries that didn’t qualify for the FIFA World Cup, the interest is high. For example, in Jamaica this story was reported by the local media:

“Much fascinated attention will be focused on Argentina with 30-year-old Mr Lionel Messi and Portugal with Mr Cristiano Ronaldo dos Santos Aveiro, now 33. Can either of those great players finally taste ultimate success on the global stage against the backdrop that time waits for no one? Mr Messi, it will be remembered, went all the way to the final in 2014 only for Argentina to fall to Germany. …”

What About FIFA World Cup Cyberthreats and Bandwidth Issues in the USA?

Even without American soccer stars like Christian Pulisic participating, millions of American soccer fans (and interested bystanders) will be watching their favorite national teams while sitting in the USA. Many of these fans will be watching online as well as betting, reading articles, filling out surveys and/or entering contests related to the FIFA World Cup.

The scheduled time for the games, as well as the likelihood that many will be watching viral highlights, could impact public and private sector computer networks when people watch games online at work. The operational network risks are similar to those previously described for the Olympics and March Madness.

As I have offered in the past for major sporting events like March Madness, here are some cybersafety tips to keep in mind before, during and after the World Cup:

First of all, be alert. Know who you are truly dealing with online. Make sure you are trained on how to spot phishing attacks and other online tricks.

Second, if you are buying online tickets for the World Cup, or other sporting events, concerts or other popular events, follow these tips from the Better Business Bureau (BBB). Also, check out this McAfee list of ticket scams to watch out for.

Third, understand that this trend is not new and not going away. As Trend Micro pointed out several years ago, cybercrimminals have time on their side and are just waiting for you to let your guard down. If you didn’t fall for tricks this time, they will be back later for another major sporting event.

Here are some other good articles offering general cybertips and pieces specifically mentioning the 2018 FIFA World Cup in Russia:

Closing Thoughts

The vast majority of people reading this blog will not be traveling to Russia for the FIFA World Cup this year. Nevertheless, these 2018 games will certainly impact individuals and companies over the next month in a variety of ways.

Be alert for FIFA World Cup deals, emails, social media posts, messages asking you to click, unsolicited texts with phone numbers to call, email attachments or other online communication that may be trying to trick you — all using the FIFA World Cup theme.

Remember, not all of these deals are bad, which makes this topic more complex than it may seem at first. Even McDonald's is offering a FIFA World Cup Fantasy deal (and other prizes such as food), so be on the lookout for both opportunities and scams — but make sure you are surfing and texting only to trusted sources. 

Enjoy the games, and may the best team win.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.