If a ransomware attack can happen to Man U, it can happen to you.
Posted 8th December 2020
Over the last couple of weeks reports have been surfacing that Manchester United has been attacked by what has been described as a “sophisticated and disruptive” ransomware attack. While there are undoubtedly some football fans out there celebrating a successful attack on the Red Devils, there is a sobering reality that if it can happen to one of the most high-profile football clubs in the world it can probably happen to you too.
The world of competitive sport relies on the safekeeping of information. Anyone who follows any high-profile sport, from Premiership football, through Formula 1, all the way to cricket and horse racing knows that the information held by sports teams can be worth £millions if it made it into the public domain. Knowing if a player is injured and medical checks for potential new signings, would be considered gold dust for gamblers alone. So, it makes sense that teams like Manchester United will have the most secure IT infrastructure possible. Yet, they have still been hacked and personal identity information and information assets have been compromised.
Manchester United face a potential fine from the ICO for breaching GDPR estimated at 4% of their annual revenue, and an additional US fine of $20million. For comparisons sake, that’s equivalent to the price they paid for Donny Van de Beek or David de Gea. Yes, we realise we’ve gone slightly football in this blog, we are after all football fans who run our own Fantasy league, but if you consider the costs to your business if a ransomware cyberattack happened, and the loss of potentially valuable assets, it brings things down to Earth. Manchester United can probably swallow a fine equivalent to 4% of their annual global revenue (and that doesn’t include the potential cost of paying the cybercriminals to get their lost data back), but could your business?
We know we regularly publish blogs about cybersecurity, staff training, and the Dark Web. There’s a reason why we do, they’re important topics to be aware of. It’s a sad state of affairs that a highly prominent sports club could be attacked like this. In many ways it’s akin to The Covent Garden diamond raids, only in a virtual environment.
As ever, we advise everyone to be alert to phishing emails and texts and to ensure that all of your cybersecurity systems are running properly. If you are worried that they aren’t, that you may have been compromised, or that you aren’t sure whether you have cybersecurity in place, get in touch and we’ll guide you through the best ways to avoid an attack.