Manchester United, valued £3.15 bn in 2019, is third-most valuable football club in the world. Cyber criminals are more sophisticated and better funded than ever, putting large organizations at risk—no matter the industry.
Facts
On Friday, November 20th, Manchester United confirmed a cyber attack. Their official statement included assurances that no personal data appears to be compromised and that immediate action was taken to identify and shut down affected systems. Further, the cyber attack did not prevent Saturday’s match against West Bromwich in which Manchester United eked out a 1-0 victory.
Cyber security experts are giving another win to the club for its handling of the breach. It is believed that the hacking group who breached Manchester United is a sophisticated organization which carried out a complex hack. However, Manchester United credits its cyber policies and procedures—and testing of those best practices—for the minimal impact the attack had. Cyber experts agree. Man. United is being praised for its quick response to the threat and transparency surrounding the incident. An incident response plan was followed, which helped quickly disseminate information to key stakeholders and investigators.
Related: Monitor and Identify Malicious Hackers Before They Cripple Your Organization
Sports organizations are wealthy, international enterprises with a large digital presence and several facets of business. All of these features make them prime targets for sophisticated cyber criminal activity. In the case of Man U., while not explicitly stated, evidence such as the shutting down of integral IT systems suggests a ransomware attack or double extortion attack. A double extortion attack includes both the threat of encrypting enterprise systems into uselessness and leaking stolen data unless a ransom is paid. Double extortion is a 2020 cyber criminal trend that shows no signs of slowing.
Lessons Learned
The Man U. attack serves as a reminder that no organization is fully immune from cyber attacks, no matter how prepared they may be. A robust cyber security strategy concentrates not only on prevention, but mitigation and post-hack resilience as well.
Related: Cyber Spend & CISO Trends; 2020 Year-End Report
Cyber criminals have several tools in their toolbox to breach an organization. Once inside, they simply steal employee credentials in order to fly under the radar, collecting proprietary and personal data for weeks or months before detection. Sophisticated threats require sophisticated cyber security investments. Holistic employee training regarding cyber threats such as phishing and other social engineering tactics round out a solid cyber security plan. Additionally, the plan must be tested and re-tested. A set-it-and-forget-it cyber security strategy is no strategy at all.
[inlinead-1]
Quick Tips
In today’s threat landscape, it is necessary for large organizations to make significant investments into sophisticated cyber security policies and technologies. New must-haves include:
- Automated threat detection – Incident response time is key to effectively thwarting or mitigating a cyber security incident. Automated threat detection solutions work around the clock. They leverage AI and ML to automatically detect sophisticated malware attacks, safeguard valuable data, and immediately notify security personnel of the threat.
- Modern anti-ransomware software – Antivirus software is still an enterprise must, but cyber criminals are increasingly able to bypass it. Anti-ransomware takes a multi-pronged approach to cyber security including regular data backups, behavior-based detection, and automated threat remediation.
- Extended detection and response software (XDR) – XDR makes the behind-the-scenes of cyber security visible. It collects, correlates, and analyzes enterprise data across networks, clouds, endpoints, and applications. The frontend nature of these systems increases enterprise cyber awareness.
Read More: Incident Of The Week