Cybersecurity at the Qatar 2022 World Cup

At an event the scale of the World Cup, cyber security will obviously be a big focus. So what risks are associated with the World Cup being held in Qatar?

Ensuring cybersecurity is always important, but with an event the scale of the FIFA World Cup the stakes are raised. Almost eight million people visited Russia for the 2018 World Cup, so savvy cybercriminals are aware that there's an opportunity to reap big rewards, especially as more processes around travel and ticketing are digitised.

Sporting events are regularly targeted by cybercriminals - both opportunist and organised. Last year scammed football fans paid ten times the price for fraudulent tickets to 2018 World Cup matches, while at the Winter Olympics in Pyeongchang, the Hades threat actor developed the Olympic Destroyer cyberattack to target the competition's infrastructure.

Qatar, a country investing heavily in digitisation, will be hosting the 2022 FIFA World Cup. It's positioning itself as the provider of a truly modern competition and "its reputation depends a lot on delivering that," says Geoff Anderson, CEO of mobile security company PixelPin. "Both Qatar and FIFA are already up against it from a perception point of view and any sort of data breach that affects fans in the build-up or during the event could be catastrophic for the reputation of both parties."

Regional challenges

All major events, regardless of where they're based, come with a long list of risks. However, could the dangers be higher at the 2022 competition due to its location in a region that's going through a period of geopolitical tension, and one that's also of national interest to wider global players such as the US and Russia?

"Although the event is still two to three years away the wider security situation in the region is challenging and becoming more so," says Brian Lord, Managing Director of PGI Cyber and past Deputy Director for Intelligence and Cyber Operations at GHCQ. "At worst it will deteriorate over this period, at best it will fluctuate significantly."

The application of hostile, disruptive cyber activity as a means of projecting and exacerbating geopolitical tensions is not new to the region, says Lord. The Shamoon attacks against Saudi Aramco and Qatar RasGas in 2012 - which evolved over time to the variants that hit Saudi and UAE last year - show that this is not state-projected capability limited to the normal global suspects, and the region has been in the frontline of this for several years.

To continue reading this article register now