Super Bowl LII is this Sunday when Minneapolis plays host to the New England Patriots and Philadelphia Eagles. And wouldn\u2019t you know it, where there are hundreds of thousands of visitors with connected mobile devices and disposable income, there will also be cybercrime.<\/span><\/p>\n I\u2019m not sure this weekend represents the Super Bowl for Cybercrime, that distinction probably goes to the Olympics next month. But it\u2019s pretty darned close. Just the nature of the event lends itself to all sorts of social engineering<\/a> and malfeasance<\/a>.<\/p>\n Think about it, you have an influx of jovial people on a football pilgrimage to support their team. They\u2019re in a new city. They\u2019re looking for things to do, places to go and deals to take advantage of. Many of them are drinking heavily which, I have been told, impairs judgment. It\u2019s a perfect climate for hackers. And they take full advantage.<\/p>\n Cybercriminals will attempt to use football-related websites and apps to spread malware and steal sensitive personal information, or even take over your phone. They\u2019ll also take advantage of social networks and the ability to shorten links (making their actual destination impossible to discern) to infect your connected devices. This may be your first Super Bowl, but it’s not theirs. These criminals know the tricks to get you to click or download what they’re pushing.<\/p>\n Obviously, you don\u2019t get a ton of information about this year\u2019s cybersecurity implementations until after the game itself on account of the fact that disclosing that information could help undermine said security (right Geraldo?<\/a>). But we can glean some information from past Super Bowls to give us an idea of the level of security.<\/p>\n For starters, the Super Bowl is more or less a trendsetter in terms of cyber security concepts, strategies, and platforms. What works at the Super Bowl, arguably the largest annual event in the US, will trickle down into the Enterprise sector in the coming months and years.<\/p>\n The Super Bowl\u2019s security implementations feature redundant IT systems that can withstand cyber attacks. Knock one system offline, there\u2019s another ready to step in immediately to avoid any issues. Additionally, information sharing is key. The Super Bowl has to coordinate with state and local law enforcement, as well as with federal agencies and the private sector. If you think this is a nightmare, the Super Bowl is pretty much just dealing with domestic agencies, the Olympics next month in South Korea will require coordination between international agencies, governments, private agencies, and domestic law enforcement agencies.<\/p>\n If that sounds like a logistical nightmare, it\u2019s because it is.<\/p>\n And finally, given the high profile nature of the event, special attention needs to be paid to infrastructure like electrical grids and public safety systems, or really any targets of note. At Super Bowl XLIX four years ago, there was a 30-mile no-fly zone for drones. As drones have advanced, I imagine that no-fly zone is going to be extended as well.<\/p>\n \u201cConventional methods to detect and mitigate threats from drones\u00a0are limited; radars either don\u2019t detect drones or characterize them incorrectly (i.e. migratory birds),\u201d explained CACI International vice president Michael Kushin in a column for the Federal Times<\/a>. \u201cAdditionally, if radar does detect the drone, it cannot mitigate the threat or identify the source.\u201d<\/p>\n Back in 2007, the Patriots were caught filming hand signals on their opponents\u2019 sidelines. It was called Spygate. It was kind of a big deal. The league found the Patriots had years of taped signals matched with the plays they were calling. And while the Patriots claimed everyone else was doing it too, the league felt it was a bad enough violation to dock them a first-round draft choice and $750,000.<\/p>\n If you don\u2019t understand anything about football, just know that it was a massive scandal.<\/p>\n \u201cSpygate was Flintstones stuff compared to what\u2019s going on now,\u201d Ed McAndrew, a former federal prosecutor, now a\u00a0lawyer specializing in cybercrime at Philadelphia\u2019s Ballard Spahr, told the Philadelphia Inquirer<\/a>.<\/p>\n What he\u2019s referring to is that in 2011 the NFL began using tablets instead of old-school three-ring binders to hold their playbooks. These tablets are connected devices, they hold crucial information about their respective teams\u2014plays, schemes, entire game plans.<\/p>\n That information can be compromised any number of ways. A player could simply lose an unencrypted tablet, leave it in their car one day and have it stolen, and boom. Everything is blown. Additionally, interception of wireless signals between the coaches and quarterbacks could be used. Or just good old fashioned social engineering.<\/p>\nFive Tips for Staying Safe at the Super Bowl<\/h2>\n
\n
How the Super Bowl itself Prepares for Cyber Crime<\/h2>\n
Even the Teams are Worried About Hacking<\/h2>\n