Imperva, a Thales company and a leading cybersecurity firm, has issued a warning to organizations in the sporting, gaming, and travel sectors about heightened cyber threats as Euro 2024 and the Paris Olympics approach. These international events are expected to attract cybercriminals aiming to exploit the vast amounts of personal and financial data collected during ticket sales and the surge in related activities.

The Imperva Threat Research Team reported a 59% increase in attacks targeting European sporting websites in January, followed by a 66% increase in March. Additionally, organizations involved with these events, including travel, airlines, and betting websites, have seen a steady rise in attacks, with significant peaks of 55% in January 2024 and 33% in March.

Types of Cyber Threats

Imperva highlights several types of attacks that organizations might face:

1. Ticket Scalping and Reservation Bots: Bots are buying large quantities of tickets as soon as they become available, preventing genuine fans from purchasing them at face value. Scalpers then resell these tickets at inflated prices.
2. Account Takeover (ATO) Attacks: Cybercriminals use bots for credential stuffing and credential cracking to hijack user accounts on sports websites, exploiting these accounts for purchasing tickets, selling fraudulent merchandise, or stealing personal information.
3. Odds Scraping and Arbitrage: Betting bots scrape odds from multiple sports betting websites to find discrepancies, allowing bets that guarantee profits through arbitrage, undermining bookmakers and manipulating the betting market.
4. Fraudulent Account Creation: Bots create fake accounts to exploit sign-up bonuses and promotional offers on online betting and gaming platforms, skewing user data and leading to financial losses for companies.
5. Content Scraping and IP Theft: Bots scrape valuable content like live scores and statistics from official websites and republish it without authorization, diverting traffic and revenue from legitimate sources.
6. Layer 7 DDoS Attacks: These attacks target critical infrastructure and services, overwhelming ticket sales websites and authentication systems, resulting in lost sales and logistical challenges.

Recommendations for Organizations

Reinhart Hansen, Director of Technology at Imperva, advises organizations to remain vigilant and take proactive measures to defend against these threats. Key recommendations include:

• Prepare for Increased Traffic: Anticipate a high volume of traffic that includes a significant proportion of bots. Implement measures to handle this traffic effectively.
• Protect Critical Paths and Functionalities: Secure website functionalities like login and checkout forms against bots seeking to exploit business logic vulnerabilities. Implement bot mitigation solutions.
• Encourage Strong Account Security: Promote good password practices and implement multi-factor authentication (MFA). Ensure bot mitigation solutions have dedicated account takeover prevention capabilities.
• Stay Alert to Phishing Campaigns: Keep abreast of phishing attempts and alert customers to suspicious activities using your brand.
• Secure Client-Side Operations: Monitor and review all services on the client side to prevent Magecart-style attacks that exfiltrate sensitive information from website forms.
• Prepare for DDoS Attacks: Consider implementing a waiting room queueing system to maintain site performance during high traffic periods. Regularly stress-test infrastructure and engage in real-time monitoring.

As cyber threats grow in sophistication and intensity, enhancing cyber defense and resilience is crucial for organizations supporting Euro 2024 and the Paris Olympics.