Major sporting events bring crowds of enthusiasts and supporters together around the field, but another part of the game is played at the ticket office and the cash register.
With 2.5 million spectators for the 2023 Rugby World Cup and 500,000 for the 2024 Roland-Garros tournament, sporting event tickets, sold for a few dozen to several hundred euros, generate record turnover and, with it, attract the interest of cybercriminals and scammers of all kinds.
This is why hackers no longer hesitate to target online ticketing systems. What methods are used? How can sporting events be secured against this type of threat? Here is our analysis.
For several months, groups of cybercriminals have continued to target ticketing systems, undermining the security of sporting events.
On January 19, 2024, a vulnerability was discovered on the official website of the Africa Cup of Nations. By allowing tickets to be purchased from €0.01, this vulnerability would have facilitated the purchase of seats for speculative resale. The scam forced the organization to take the official website offline while the situation was resolved.
On April 8, 2024, two days before the quarter-final first leg of the Football Champions League between PSG and FC Barcelona, it was the turn of the Parisian club's ticket office to be the victim of an attempted cyberattack. Following this discovery, the club informed season ticket holders of unusual access attempts on the ticketing system. Although no data was extracted or used, the club announced that it had implemented additional security measures and immediately informed the CNIL (National Commission for Information Technology and Liberties). The incident occurred three weeks after a similar attack against the French Football Federation, an attack that, in that case, allowed data to be exfiltrated.
On May 28, 2024, the company Ticketmaster, the leader in online ticketing, announced that it had been the victim of a cyberattack by the “ShinyHunters” group. The successful attack allowed the theft of the personal data of 560 million users of the platform.
Unfortunately, this attack was not the last: the company was targeted again on July 8, 2024. This time its entertainment division was the target, with a hacker publishing the barcodes of 39,000 tickets on a forum. Although this attack targeted concerts by the artists Pink, Aerosmith and Pearl Jam, its modus operandi could equally be applied to a sporting event.
Surname, first name, postal address, telephone number, even bank card numbers: online ticketing stores hold the personal information of millions of individual and professional customers. This concentration of data represents an opportunity for cybercriminals, who see these platforms as a means of accessing a large volume of data in a single attack.
All the more so since, according to a 2023 market study, attendance at stadiums and arenas is close to historic levels:
Up more than 50% compared to 2010, the ticketing market, for all types of events combined, is estimated at more than 1.5 billion euros.
According to various observers, bank card numbers accompanied by the CVV code can be resold on the dark web for up to €100, while access credentials for a Gmail account can reach €80. It therefore remains very profitable for cybercriminals to launch phishing campaigns impersonating sporting event organizers.
However, theft of customer data is not the only objective of cybercriminals. Once inside the network, a fraudster could potentially take advantage of the intrusion to generate a fake discount code and purchase tickets at a reduced rate to resell them at a high price.
Another observed strategy is to compromise the online ticketing information system itself. Ransomware is one example of a threat that could be used for this.
The principle is simple: through an email carrying a booby-trapped attachment, a malware download, or the exploitation of vulnerabilities, the cybercriminal seeks access to the online ticketing information system. Once inside, they install a malicious program that encrypts the files on every hard drive in turn. The ticket office immediately becomes inaccessible and displays a ransom demand.
In sports as in cybersecurity, injury prevention starts with good preparation. This is why online ticketing operators must implement prevention, detection, and incident response measures to deal with cyberattacks, including phishing attempts and ransomware.
Orange Cyberdefense's Cyber SOC offering provides solutions to strengthen cybersecurity. Analysts assess threats, conduct in-depth investigations into all layers of the information system, and coordinate remediation actions.
Another advantage is that experts continually test and improve detection systems to deal with new threats while providing operational support during the most critical incidents. Within multidisciplinary teams, dedicated consultants are responsible for the operational governance of services, while project managers adapt and develop the scope of the service to meet customer requirements. In addition, the cyber threat monitoring service called Threat Intelligence from Orange Cyberdefense provides contextualized information that helps to understand the operating methods of attackers and thus to develop proactive security measures.
At the same time, more and more companies are offering tickets to sporting events to their partners and customers, and must also protect themselves against the risks of cyberattacks.
As online ticketing sites are frequent targets, companies that purchase these tickets must also protect themselves against scam attempts, particularly phishing campaigns.
This is why they need to put in place prevention, awareness, and security measures to protect the transactions and personal data of their partners and customers.
Protecting corporate messaging is therefore essential to prevent scams, intrusion attempts, and leaks of sensitive data. As such, Micro-SOC from Orange Cyberdefense offers a robust solution for securing business communications.
Micro-SOC enables continuous monitoring of IT infrastructures, with rapid detection and neutralization of suspicious activities. With 24/7 monitoring, Micro-SOC protects employees by intercepting phishing attempts before they can cause damage. Rapid response to detected threats ensures sensitive data remains protected.
With Orange Cyberdefense, players in the sports industry can benefit from the expertise of CERT (Computer Emergency Response Team). Made up of experts responsible for identifying fraud attempts that could target businesses, this team monitors the activity of cybercriminals.
CERT provides operational monitoring of company assets, allowing them to detect weak signals or signs of interest from groups of cybercriminals who would target their sector, their ecosystem (service providers) or their company in particular. With this proactive monitoring, specialists can identify leaks of critical information, such as compromised login credentials, often used to initially access victims' systems.
To assess the resistance of information systems, Orange Cyberdefense also offers Ethical Hacking services (https://www.orangecyberdefense.com/fr/besoins/challenges/evaluer-resistance-cyberattaques).
Orange Cyberdefense ethical hackers design attack scenarios based on frameworks such as MITRE ATT&CK®. They carry out penetration tests to detect system vulnerabilities, application audits to analyze and correct flaws in the source code, and Red Team operations to test defenses against simulated but realistic cyberattacks.
This methodology not only allows players in the sports industry to identify their weaknesses, but also yields recommended corrective actions to strengthen their security. Orange Cyberdefense experts thus provide a precise assessment of the robustness of information systems against current threats.
Faced with the rise of cybercrime targeting all ticket offices and particularly sporting events, vigilance is required. Recent attacks highlight the diversity of methods used by cybercriminals, ranging from phishing to cyber extortion.
In response, companies must put in place protection tools while making employees aware of this type of scam. A necessary evil for sport to remain a celebration.
For more information on the solutions offered, get in touch with experts at Orange Cyberdefense.