May 30 Webinar | SOC Talk: Automating Threat Response
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
May 21, 2024
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
When I was first asked to write a blog about the UEFA EURO 2020 Championship, I immediately imagined going through a detailed analysis of the participating teams and an educated prediction of the course of this tournament. While that’s not going to happen today, this blog will discuss the potential cyber threats to this competition—one of the first major international sporting events to occur since the COVID-19 pandemic. As you may imagine, these differences have slightly altered the threat landscape of this event. Let’s see in more detail what that’s going to look like.
Major sporting events like the UEFA EURO 2020 are typically at risk of an array of potential threats that shouldn’t be overlooked when painting its threat landscape. Here are some of the most likely events that we may observe:
Recently, we’ve observed ransomware actors becoming bolder and bolder with their tactics and communication strategies. For example, while RagnarLocker turned to Facebook ads, Conti and Ryuk have been cold calling victims to pressure them into paying. Therefore, it is realistically possible that ransomware gangs will keep using innovative extortion methods throughout the competition to ensure a steady revenue stream. Cybercriminals have already demonstrated endless times that they’re perfectly capable of exploiting situations where massive audiences are focused on a singular event— we wouldn’t be surprised if that was the case again.
In the case of EURO 2020, phishing campaigns are likely to exploit hot topics like ticket reselling, match organization, and fan-engaging events. Given that the championship will be hosted in 12 different countries, cybercriminals may have greater opportunities for phishing against host countries and fans attending the event with a broad array of lures.
Hopefully, the EURO 2020 inaugural match won’t be disrupted in the same way—Italy is playing against Turkey in the Stadio Olimpico in Rome, and I couldn’t be more excited about it. However, OlympicDestroyer serves as a great example that when so many networks and devices are connected, there is a heightened level of risk.
Fraud and financial crime. Previous major sporting events have seen a variety of tactics that exploit the large number of tourists that visit host cities. Clearly, that might not be the case this time due to travel restrictions across the hosting countries. However, ATM skimming, banking scams and infections against point of sale malware used to steal payment card information may still appear throughout the competition to target locals and those few tourists. In addition to this, fraud-related threat actors may leverage EURO 2020’s brand to profit from counterfeit tickets, merchandise, and streaming services.
Although the threat landscape surrounding the rescheduled EURO 2020 has not shifted drastically since last year, it will be interesting to observe how COVID-19 may impact the upcoming football championship. The main effect of the pandemic on the EURO 2020’s threat landscape will probably be phishing campaigns. As we’ve discussed many times, these campaigns exploit contextual circumstances and pressing times to typically manipulate victims into giving up credentials, clicking on infected links, and downloading malicious documents.
And what’s better for this purpose than the chaos generated by the pandemic? Most European countries are now slowly easing their COVID-19 restrictions thanks to the positive impact of national vaccination schemes. While this is welcomed progress, cybercriminals may exploit these updates for delivering malicious email campaigns to football supporters and tourists. Additionally, this year’s edition will also witness a reduced amount of tickets available for fans which, on the other hand, significantly expands the demand for them. We’d not be surprised if we saw emerging details about these sorts of malicious campaigns in the coming weeks.
Understanding the motivations and tactics of the adversaries in your threat model can significantly expand the robustness of your security measures. Additionally, the following mitigation techniques can help limit the impact of any malicious activity that may occur throughout Euro 2020 (and beyond):
Digital Shadows (now ReliaQuest) has been tracking the impact of cyber threats on main sporting events since 2014. Some of the most popular blogs published in this area include an assessment of the LI Super Bowl, the threats to the 2018 football World Cup, and the 2018 Winter Olympics threat landscape.
If you’d like to assess your organization’s risk exposure across the open, deep, dark web and technical sources, get a customized demo of SearchLight (now ReliaQuest’s GreyMatter Digital Risk Protection) here. You’ll get visibility into any impersonating domains or phishing schemes targeting your company’s name and brands, exposed data or PII, and reducing your attack surface online.