Microsoft is warning of the threat malicious cyber actors pose to stadium operations, noting that the cyber risk surface of live sporting events is "rapidly expanding."
"Information on athletic performance, competitive advantage, and personal information is a lucrative target," the company said in a Cyber Signals report shared with The Hacker News. "Sports teams, major league and global sporting associations, and entertainment venues house a trove of valuable information desirable to cybercriminals."
"Unfortunately, this information can be vulnerable at-scale, due to the number of connected devices and interconnected networks in these environments."
The company specifically singled out hospitals delivering critical support and health services for fans and players as being targets of ransomware attacks, resulting in service disruptions.
To defend against such attacks, Microsoft is recommending that -
- Companies disable unnecessary ports and ensure proper network scanning for rogue or ad hoc wireless access points
- Attendees secure apps and devices with latest updates and patches, avoid avoid accessing sensitive data over public Wi-Fi, and refrain from scanning QR codes from untrusted sources
- Commerce systems ensure point-of-sale (PoS) devices are patched, up to date, and connected to a separate network, and
- Stadium operations implement logical network segmentations to create divisions between IT and OT systems and limit cross-access to devices
"Ideally, organizations and security teams could configure their systems before the event to complete testing, snapshot the system and devices, and make them readily available to IT teams to rapidly redeploy when needed," Microsoft said.
"These efforts go a long way in deterring adversaries from taking advantage of poorly configured, ad hoc networks within the highly desirable, target rich environments of large sporting events."