Microsoft Protects the World's Biggest Event Stages: A Real Cybersecurity Snapshot for Understanding Digital Threats

Microsoft Protects the World's Biggest Event Stages: A Real Cybersecurity Snapshot for Understanding Digital Threats

By Alex Passett

In 2023, threats to entertainment events (e.g. in arenas and large-scale venues) are very real. They demand vigilance and team collaboration in order to mitigate escalation and prevent future occurrences down the road. With the global sports market, for example, valued at more than $623 billion (per Statista), sports teams and myriad global sporting associations harbor a wealth of valuable data that criminals can target. (Perhaps not as dramatically as the football stadium scene from “The Dark Knight Rises,” but dangers are still a reality.)

Unfortunately, this data is made increasingly vulnerable by the growing abundance of interconnected venues and the sheer number of devices – hundreds of millions, to be sure – that enter venues and interact with the environments’ networks. The potential attack surface expands, and cyber threats abound.

The long story short? Venue IT systems contain near-countless known and unknown vulnerabilities that allow bad actors to target critical business services; points of sale, infrastructure, etc. Data loss for teams, coaches, sponsors, venue workers and event attendees alike can lead to personally identifiable information being snatched away, and digital amenities like companion mobile apps and Wi-Fi hotspots are left susceptible. (Not to mention “easy” threat tactics like QR codes with malicious URLs.)

Compromise is a no-go. So, what can security operations center (SOC) teams do?

Microsoft has several answers here, one being their Microsoft Defender Experts (DEX). DEX for XDR is generally available, allowing SOCs to augment end-to-end protection and threat intelligence. Microsoft also – just earlier this morning, in fact – released the fifth edition of its Microsoft Cyber Signals report, highlighting a lot about this threat landscape and detailing what protections have been put in place as part of its Security Snapshot.

Here's the gist of it.

Microsoft knows that threat actors go where targets go, capitalizing opportunistically on high-profile events in widely connected spaces. Even a single misconfigured device or an overlooked third-party connection can lead to a data breach or intrusion.

So, Microsoft played its hand, delivering cybersecurity support to critical infrastructure facilities during the FIFA World Cup Qatar 2022.

Between Nov. 10 and Dec. 20, 2022, proactive threat hunting campaigns led to:

  • 45 organizations, 100,000 endpoints, and 144,000 identities protected
  • 634.6 million authentication attempts were made successfully
  • 4.35 billion network connections were monitored

Microsoft’s threat-hunting team operated under a defense-in-depth (DiD) philosophy to inspect and protect devices, networks, etc. This spanned transportation, healthcare, telecommunications, and other essential functions.

“Our customers with expandingly blended environments may face problems with an array of technical difficulties that are different now than they used to be,” said Justin Turner, Principal Group Manager, Microsoft Security Research, “but the fundamentals remain the same. As a defender, you can’t defend something that you don’t see or understand.”

So, Microsoft seeks further understanding. (As defenders should.)

But it’s not all on them, obviously. User awareness and business training programs are crucial for educating about cybersecurity best practices, including recognizing crafty phishing attempts, using MFA, and more.

Additional information from Microsoft can be found here.

Edited by Greg Tavarez
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
Related Articles

Wildix Integrates into HubSpot App Marketplace

By: Greg Tavarez    2/23/2024

Wildix announced their official listing in the HubSpot App Marketplace, an ecosystem of valuable third-party integrations.

Read More

1Password Locks Down Anywhere Workforce with Kolide Acquisition

By: Greg Tavarez    2/23/2024

1Password acquired Kolide, known for device health and contextual access management, to strengthen its position in securing the modern, hybrid workfor…

Read More

Partner Confidence and Fast Support: Why MSPs Choose Wildix

By: Greg Tavarez    2/21/2024

At MSP Expo 2024, a meeting with Tim TrueLove in the exhibit hall led to a discussion of what Wildix brings to MSPs.

Read More

MSPs Must Better Educate Clients Against Cyber Threats

By: Greg Tavarez    2/20/2024

Walt Czerminski, partner, Fortium Partners, led a panel discussion at MSP Expo 2024 featuring Ragav Khosla, manager, channel solutions consultants Ame…

Read More

Cybersecurity Preparedness Gaps Remain

By: Stefania Viscusi    2/20/2024

More than half of companies faced significant security incidents in the past year.

Read More