In terms of the key cybersecurity events likely to unfold during 2022, Digital Journal caught up with Joanne Wong, VP of International Marketing at LogRhythm. Wong has turned her sights to the 2022 FIFA World Cup in Qatar, in terms of the global sporting event being a major target for hackers.
Officially things are good shape in terms of cybersecurity risks, the organisers state: “The State of Qatar is taking this seriously and setting cybersecurity and privacy at the top of the FIFA 2022 World Cup™ event agenda, requiring entities to adopt and implement The Qatar 2022 Cybersecurity Framework, and elevate application security in preparation for the World Cup.”
Wong is concerned that a major risk to the sporting fixture’s business operations is presented by people rather than investment in infrastructure.
Wong notes how “Qatar has made significant investments in cybersecurity ahead of the FIFA 2022 World Cup.”
However, in an attempt to drive efficiencies there are new concerns. Wong is concerned that: “Much of the travel and ticketing for the event have been digitized and are vulnerable to attack from cybercriminals.”
On this basis she predicts “that in addition to large-scale outages or organizational attacks, cybercriminals will also be targeting the large number of high-value visitors to the tournament.”
This means that the governing body for soccer should “be prepared to manage the large attack surface surrounding the tournament” and be equally focused on the risks posed by about individuals.
Drawing on these risks, Wong pinpoints the chief factors of concern as: “Phishing and social engineering will be used to steal personal and financial information that criminals can monetize.”
Such attacks took place in 2018 and they are anticipated to accelerate in the lead up to the 2022 event.
Looking at different forms of attack, Wong predicts “that promotional emails or fake websites related to World Cup from the travel and hospitality industries will be used to capture personal data and compromise individuals.”
Furthermore, there is the risk that “Cybercriminals will recognize the work that Qatar has done to be prepared for the tournament and may focus on exploiting human nature rather than digital infrastructure.”