The recent Champions League final in London (congratulations, Real Madrid!) marked the opening shot to a hot European summer of major sporting events. We now approach the highly anticipated UEFA EURO 2024 football tournament in Germany and the Olympic Games in Paris 2024. And as we do, bad actors are warming up on the sidelines as they seek opportunities to strike.
The Imperva Threat Research Team recorded a 59% increase in attacks targeting European sports websites in January and another 66% increase in March, as overall security incidents increased from the previous year (indicated by the red trendline in the chart below). But what types of attacks should businesses and their customers prepare for? This blog will cover everything you need to know to stay ahead of the game.
A broader look at the ecosystem of organizations involved with these much-looked-forward-to events, which includes travel, airlines, entertainment, and betting websites, reveals a similar picture.
The following chart visualizes the threat landscape using Imperva’s proprietary Cyber Threat Index (CTI). The CTI provides an easy-to-understand score to track cyber threat levels consistently over time and observe trends. The score is calculated using data gathered from all Imperva sensors globally and is based on several ingredients: network traffic, attack traffic, attack types, and vulnerabilities.
The chart shows the increase in risk scores across almost all industries as we approach the opening match of the UEFA EURO 2024 tournament, indicating a rise in attack frequency and severity.
The number of attacks targeting these industries has gradually increased over the past 12 months, with notable peaks of 53% in January and 37% in March. These peaks correlate with increased application attacks globally, as Imperva blocked 130 billion application attacks in January and 107 billion in March.
But why do we observe these trends in other industries, too? Let’s take travel, for example, which includes airlines and accommodations for travelers. According to various estimates, such as a report in the French economics paper Les Echos, around 15.3 million visitors are expected to flock to the capital to enjoy the festivities. Interestingly, only around 22% of these visitors are expected to have tickets in hand. The gambling category includes websites for betting on the results of the games. The entertainment category includes websites for purchasing event tickets and live streaming of the games.
Over the past 12 months, 73% of attacks targeting European travel, sports, entertainment, and gambling sites have involved sophisticated bots seeking to abuse the business logic of applications and APIs. The trendline shows a gradual increase in attacks, with peaks of 53% in January and 37% in March.
We can expect to see bots targeting the ecosystem surrounding the UEFA EURO 2024 and Olympic Games Paris 2024 in the following ways:
Learn more about the impact of bad bots on businesses and consumers in the 2024 Imperva Bad Bot Report.
The increased usage and adoption of APIs continue, making them a highly favorable target for bad actors, as they serve as direct pathways to sensitive data and application logic. According to The State of API Security in 2024 Report, API calls comprise 71% of all web traffic.
It comes as no surprise that business logic abuse was the most popular attack vector. Such attacks exploit an application’s or API’s intended functionality and processes rather than its technical vulnerabilities. Because APIs are machine-readable, they are increasingly susceptible to bad bot attacks, and the lack of visibility into API traffic makes detection even more difficult.
Layer 7 DDoS attacks targeting European travel, sports, entertainment, and gambling sites have increased by 89% from last year, with attack intensity peaking at 1.5 million Requests Per Second (RPS).
Distributed Denial of Service (DDoS) attacks have the potential to cause significant disruptions during major events such as the UEFA EURO 2024 and Olympic Games Paris 2024. These attacks can target critical infrastructure and services, leading to widespread issues. They may overwhelm ticket sales websites, authentication systems, and official event websites, resulting in lost sales, logistical challenges, and frustrated fans. The coordination and communication of the events can be severely hindered, affecting the efficiency of staff, volunteers, and security personnel.
Transactions related to this summer’s sporting events include ticket purchases, merchandise sales, accommodation bookings, travel arrangements, online food and beverage sales, betting transactions, media broadcasting rights, and more.
All of these transactions put the websites that handle them at an extremely high risk of becoming targets of digital skimming attacks, such as Magecart and formjacking. These attacks involve injecting malicious JavaScript into legitimate websites to collect sensitive personal information from online forms, particularly payment pages, directly from the client side (end-user browsers).
JavaScript is a crucial component of modern web applications. If an application is not adequately secured, it may be vulnerable to attacks that load malicious scripts. These attacks can come from server-side compromises, supply chain attacks, or techniques such as stored Cross-Site Scripting (XSS).
Businesses that use third-party vendors for website code are vulnerable to Magecart and digital skimming attacks. Each third-party service represents a potential entry point for attackers, and the more services a website uses, the greater the risk of attack. For instance, even a simple analytics code could be hijacked by malicious actors to insert a Magecart payload. These vulnerabilities enable attackers to target multiple users across various sites simultaneously.
Alarmingly, entertainment and travel websites are amongst the industries with the highest ratio of third-party JavaScript usage. As a result, their exposure to compromises introduced through the software supply chain is heightened, making them highly vulnerable to client-side data breaches.
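To make the third-party JavaScript exposure described above measurable, the following added example (not code from Imperva or the original post) inventories the external scripts on a page and flags those loaded without a Subresource Integrity (`integrity`) attribute. The sample page, the host names and the `audit_scripts` helper are constructed for illustration, and any host other than the page's own is treated as third-party.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed sample checkout page (not taken from any real site).
SAMPLE_PAGE = """
<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.analytics.example/tag.js"></script>
<script src="https://widgets.chat.example/v2/loader.js"
        integrity="sha384-CONSTRUCTED-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="//cdn.analytics.example/extra.js"></script>
</head><body><form id="payment"></form></body></html>
"""


class ScriptCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.scripts = []  # attribute dicts of every <script src=...> tag

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script" and attrs.get("src"):
            self.scripts.append(attrs)


def audit_scripts(html, page_url):
    """Return third-party script origins, their ratio, and scripts lacking SRI."""
    collector = ScriptCollector()
    collector.feed(html)
    page_host = urlparse(page_url).hostname
    third_party, missing_sri = [], []
    for attrs in collector.scripts:
        url = urljoin(page_url, attrs["src"])  # resolves relative and // URLs
        if urlparse(url).hostname == page_host:
            continue  # first-party script
        third_party.append(url)
        if not attrs.get("integrity"):
            missing_sri.append(url)  # vendor-side changes load unverified
    total = len(collector.scripts)
    return {
        "origins": sorted({urlparse(u).hostname for u in third_party}),
        "third_party_ratio": len(third_party) / total if total else 0.0,
        "missing_sri": missing_sri,
    }


if __name__ == "__main__":
    print(audit_scripts(SAMPLE_PAGE, "https://tickets.example/checkout"))
```

A static audit like this only sees scripts present in the served HTML; scripts that a vendor's loader injects at runtime need browser-side controls such as a Content Security Policy to be constrained.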
Imperva is the cybersecurity leader that helps organizations protect critical applications, APIs, and data anywhere, at scale, and with the highest ROI. The Imperva Application Security Platform stops the most advanced attacks with the highest efficacy while minimizing false positives. Its high efficiency enables organizations to quickly onboard, protecting their assets at scale. With the help of the Imperva Threat Research Team and our global intelligence community, we stay ahead of the evolving threat landscape, seamlessly integrating the latest security, privacy, and compliance expertise into our solutions.
The Imperva Application Security Platform combines best-of-breed solutions that bring defense-in-depth to protect your applications wherever they live — in the cloud, on-premises, or a hybrid configuration:
Start your Application Security Free Trial today to protect your applications from bad bots.
*** This is a Security Bloggers Network syndicated blog from Blog authored by Erez Hasson. Read the original post at: https://www.imperva.com/blog/a-european-summer-of-sports-is-upon-us-what-does-it-mean-for-security/