UPDATED 22:31 EST / OCTOBER 31 2018

fifa SECURITY

Data stolen in hack of soccer’s world governing body FIFA

The Fédération Internationale de Football Association, better known as FIFA, has been the victim of a phishing attack that resulted in data stolen.

The hack of soccer’s world governing body is reported to have occurred in March and involved theft of private correspondence, including emails that have since been passed on to German magazine Der Spiegel and the European Investigative Collaboration research network.

The New York Times reported Tuesday that the hack, the second to target the association, is not related to a previous hack in 2016 linked to Russia. That one led to the uncovering “some of soccer’s biggest secrets, shining light on dubious practices that have led to tougher regulations in soccer and in some cases, criminal prosecutions,” the report noted.

“In response to the increasing number of internet-enabled computer attacks, FIFA is continually modifying its systems and practices and allocates significant budgets for the continuous improvement of its information security posture,” the association said in a statement. “Following a hack in March 2018, FIFA took a number of measures to improve IT security, in order to protect employees.”

Kevin O’Brien, chief executive officer of cybersecurity firm GreatHorn Inc., told SiliconANGLE that targeted phishing is the single most effective type of cyberattack today.

“Organizations and their employees are more susceptible than they realize to an array of phishing attacks and impersonations because of their blind expectations of trust in corporate communications channels, and email in particular,” O’Brien said. “These kinds of attacks rely on sophisticated social engineering tactics that make it difficult for people to recognize whether an email is malicious or not, and cybercriminals are constantly evolving these techniques to bypass existing perimeter defenses and successfully convince people into divulging sensitive information.”

O’Brien said it’s important for organizations to implement policies and technologies that proactively learn what “good” email looks like and identify indicators such as email volume and anomalies in authentication or behavior that indicate a phishing attack.

Photo: Kremlin/Wikimedia Commons

Since you’re here …

Show your support for our mission by our 1-click subscribe to our YouTube Channel (below) — The more subscribers we have the more then YouTube’s algorithm promotes our content to users interested in #EnterpriseTech.  Thank you.

Support Our Mission:    >>>>>>  SUBSCRIBE NOW >>>>>>  to our Youtube Channel

… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.