As the major teams line out in the 2015 Rugby World Cup, it’s worth taking some time to think about cybersecurity and security events that have impacted other sports teams recently, whether it be in F1 or cycling, on game day or weeks before.
Technology Helps Sporting Teams Progress
Teams have gone through months of preparation, including diet, sleep and fitness analysis, with much of this data gathered through manual and automated wearable means. Before the game, video analysts working parallel to the coaches and players consume hours of tape to understand offensive and defensive plays, reviewing all the data and creating plays to counter.
Additionally, major teams have GPS pods and heart rate monitors on players during training and on match day. The tools feed data to analysts in the stands or remotely. The data could then be used to determine substitutions, future training regimens or when to have energy drinks.
All this data needs to be encrypted to avoid giving competitors insight, and therefore the IT and cybersecurity professional becomes a backroom team member. A data breach before the game — whether it be related to training plans or injury status — gives the competition insight and could alter team selection or defensive/offensive plans. Earlier this year, Team Sky, the British professional cycling team, stated that its lawyers were on the case of people suspected of hacking into cyclist Chris Froome’s training material.
In 2014, the Marussia F1 Team was hit with a Trojan Horse virus that knocked its cars out for a day, costing them valuable track time. F1 teams are at the cutting edge of cybersecurity because of the vast data being created and the geographically dispersed teams at the track and the factory. But these teams also have their reputations at stake, which drives them to prioritize data protection. For example, Ferrari partners with a leading cybersecurity vendor, including on a car sponsorship.
Download the IDC paper: A CISO’s Guide to Enabling a Cloud Security Strategy
Fans Have Their Own Cybersecurity Concerns
There are also cybersecurity concerns when we consider how fans get access to these sporting events. Major events tend to be oversubscribed when it comes to allocating tickets. Die-hard fans will be online first thing to ensure they get the ticket they want — but they are at a disadvantage to the cybercriminals who utilize the Dark Web to buy ticket allocations in bulk and resell them at exorbitant prices.
A year before the Rugby World Cup started, organizing executives, U.K. law enforcement and the online ticketing providers put cybersecurity measures in place to mitigate the risk of cybercriminals carrying out these schemes. Cybersecurity techniques such as IP reputation and activity monitoring form part of the battle against these organized criminal groups.
The commercial nature of events such as the Rugby World Cup means expensive media and advertising contracts. One U.K. media provider reportedly spent millions for an exclusive 2011 and 2015 deal for television and online media platforms. The increasingly common denial-of-service (DoS) attacks hitting online media providers could have a detrimental impact on this investment. As a result, networks and service providers must go above and beyond to ensure connections remain clean and uninterrupted.
Stadium events also introduce new risks to advertisers since digital billboards have been shown as vulnerable to attack recently. Billboard administrators will have been conscious of applying basic security policies such as non-default passwords, network port lockdowns and more.
So as you sit down and enjoy the 2015 Rugby World Cup, remember cybersecurity professionals are playing their part too.
Senior Engineer, IBM Security