Cyberattacks in Sports: AI Amplifies Risks at Mass Events

What happened?

A recent TechRadar report, based on data from cybersecurity firm Trend Micro, has revealed a significant increase in cyberattacks targeting professional sports organizations. According to the study, artificial intelligence (AI) is being used to amplify the sophistication and reach of these attacks, especially during major events like the World Cup, the Olympics, and the Super Bowl. Researchers warn that attackers are using AI tools to automate phishing, generate deepfakes, and exploit vulnerabilities at scale. Trend Micro detected a 30% increase in threats related to sporting events between 2022 and 2023, with peaks during major tournaments. Additionally, 45% of attacks were found to use generative AI to create more convincing phishing emails or clone executives' voices in fraudulent calls.

Why is it important?

Mass sporting events concentrate large audiences, personal data, and critical systems, making them attractive targets. AI allows cybercriminals to personalize attacks, evade detection, and scale operations with unprecedented efficiency. For example, during the 2022 Qatar World Cup, over 200 million cyberattack attempts were recorded, according to data from security firm Kaspersky. This not only threatens the safety of attendees and infrastructure but also the reputation and economy of sports organizations. The estimated cost of a successful cyberattack on a sporting event can exceed $10 million, including regulatory fines, lost ticket revenue, and brand damage. AI amplifies this risk by enabling more targeted and harder-to-detect attacks, such as impersonating sponsors or manipulating results in real time.

Consequences and context

The TechRadar report highlights that attacks range from ransomware to data breaches of fan information. In the past, events like the Tokyo 2020 Olympics suffered intrusion attempts, but the current scale is larger. During Tokyo 2020, 450 million cyberattacks were reported, according to Japan's Cybersecurity Agency. However, with generative AI, attacks can now be more personalized and automated. For instance, deepfakes of athletes or referees could be used to disinform or manipulate betting. A notable case was the ransomware attack on FC Barcelona in 2022, which exposed employee and fan data. AI also allows attackers to exploit vulnerabilities in live streaming systems, as happened with the NFL's streaming platform in 2023, which suffered a DDoS attack powered by AI. Organizations must invest in AI-based cybersecurity to counter these threats, but the digital arms race is just beginning. According to Gartner, spending on AI-driven cybersecurity will grow 25% annually through 2026.

What should readers know?

• AI is democratizing attack capabilities, allowing small groups to launch sophisticated campaigns. For example, a cybercriminal group called 'APT41' used AI to target FIFA in 2023, according to Mandiant reports.
• Fans should be cautious of suspicious emails and offers during sporting events. Trend Micro reported a 60% increase in phishing scams related to fake tickets during Super Bowl LVII.
• Organizations must adopt a proactive approach, using defensive AI and updating their security protocols. For example, the International Olympic Committee has implemented AI-based deepfake detection systems to protect its image.

“AI is amplifying cybersecurity risks in sports, and preparedness is key to mitigating the impact,” says the Trend Micro report cited by TechRadar.