When Super Bowl LVII between the Kansas City Chiefs and Philadelphia Eagles kicks off in Phoenix on Feb. 12, most everyone’s eyes will be on the gridiron. But farther afield, malicious actors and cyberattackers may be looking to score their own kind of touchdown — by shutting down systems, perpetuating ransomware, or carrying out hacktivism.
The 2022 FIFA World Cup tournament held in Doha, Qatar, over the winter raised similar operational concerns, and cybersecurity experts note that large-scale events in general offer a very broad attack surface area to threat actors of all stripes, thanks to the sheer number of systems involved in carrying it off.
“The thing that’s tricky for security teams is that it’s not just one entity or single network they must look after,” says James Campbell, CEO and co-founder of Cado Security. “An event like the Super Bowl involves numerous suppliers, media companies, and so on, all of which are responsible for looking out for their networks, collectively making up how the Super Bowl is run.”
Campbell adds that one of the biggest disruptions to the Super Bowl would be preventing it from being televised. With millions of people worldwide watching, and given the advertising and revenue generated from the Super Bowl, if a threat group wanted to get a certain point across, restricting the ability to broadcast it live would do the trick.
“That would probably have the biggest impact, other than physically ensuring the Super Bowl doesn’t [actually take place] —
Read more