The FIFA World Cup, the quadrennial soccer competition, is set to start June 14, and as has become standard ahead of major sporting events, security experts are warning that hackers and other malicious actors are likely to target multiple digital aspects of the event.

Where the World Cup is being held is also adding to cybersecurity fears. “Given that this year’s World Cup is in Russia, anyone in attendance will be doubly concerned about their cyber posture,” David Ginsburg, vice president of marketing at Cavirin Systems Inc., told SiliconANGLE.

“The fact that athletes, spectators and organizers will be moving between venues only adds to this,” he said. “It could take the form of social engineering or device thefts of well-heeled visitors, or an attempt to disrupt the infrastructure itself. Fake hotspots, apps containing malware and unfamiliar but compromised websites are all in play.”

Ginsburg also warned that the organizers must lock down critical networks “based on a zero-trust approach, since the question will not be ‘Has the network been infiltrated?’ but ‘The hackers are here. How do we limit the damage?  Cyberattack planning must be on-par with any other form of terrorist attack.”

Not only are those at the event likely to be targeted, so are the billions of fans watching worldwide.

“The World Cup is THE global sporting event which brings a fantastic opportunity for cybercriminals intent on securing a quick payday,” explained Steve Durbin, managing director of the Information Security Forum Ltd. “Email infection, fake betting websites and traditional phishing attacks are all expected to have their day in the sun this summer.”

Durbin said fans must think before they click, such as asking whether an email relating to the World Cup looks real. Embedded links or attachments should be warning signs.

Nathan Wenzler, chief security strategist at AsTech Inc., added that with the World Cup, fans should “avoid emailed requests to participate in polls, surveys and contests related to the event, unless you know that you personally signed up to be a part of such things from a known and reputable site. ”

Unsolicited appeals to sign up and provide information, he said, may be efforts to steal your personal information. “Likewise, never click on links or attachments in emails,” he advised “If you’re involved in a tournament bracket, enter the site into your browser directly. Phishing emails may eventually forward you on to the right site, but they can simply take over the session to direct you to other sites that download ransomware or malware to your system before they forward you along.”

Ajay Menendez, executive director of the HUNT Analyst Program at SecureSet Academy LLC, also warned that while “antivirus and antimalware vendors are doing their best to come up with ways to keep ahead of the curve when it comes to malicious code … much like the games during the World Cup, it can be a cat-and-mouse game with neither side leading for very long.”

Joseph Carson, chief security scientist at Thycotic Software Ltd., provided some simple advice. “Stay safe while watching the World Cup and avoid becoming the next victim of cybercrime,” he said. “The World Cup should be a time to relax, enjoy the amazing games and making sure that you ‘stop and think’ before clicking will help prevent you from security nightmares.”

Image: Pixabay