Axios – What it takes to keep hackers out of the Super Bowl
For cybersecurity pros, a perfect Super Bowl performance this weekend means stopping hackers before they ever reach the field.
Why it matters: The Super Bowl has always been a breeding ground for sensitive data, from stadium WiFi networks and mobile payment systems to fans’ personal devices and the NFL’s corporate infrastructure.
- If a hacker finds just one way in, they could make off with a treasure trove of data — fan credentials, payment information, and even operational technology — that could be resold or exploited on the dark web.
The big picture: TSA estimates 42,000 travelers will come through the New Orleans airport alone for Sunday’s showdown between the Kansas City Chiefs and the Philadelphia Eagles.
- The city has also ramped up security at the Caesars Superdome following January’s terrorist attack in the French Quarter.
Mike Storm, distinguished engineer at Cisco, told Axios:
Zoom in: Cisco, an NFL partner, has had a team working 24/7 since Monday to keep hackers at bay, protecting not just the stadium but also nearby vendors and affiliated networks,
- Cisco has helped secure the last four Super Bowls and started preparations for this weekend’s game two years ago.
- The company declined to disclose the exact number of employees dedicated to the Super Bowl but confirmed it stands up its own security operations center and works with internal teams worldwide to protect the event.
- Beyond the stadium, cybersecurity efforts extend across hotels, vendors, and local businesses tied to the Super Bowl. “It’s not a day — it’s a week,” Storm said.
Storm said:
Threat level: Hackers stealing sensitive data is one of the top concerns for Super Bowl organizers,
- Cyber risks go beyond just stolen credentials. Power stations, communication networks, video displays, broadcasting systems, and payment infrastructure are all potential targets, Shimon Modi, VP of product management at Dataminr, told Axios.
- Companies working with the NFL need to be prepared for ransomware that can lock down critical systems, distributed denial-of-service attacks that can overload networks, and third-party supply chain attacks targeting partners, Modi said.
- Meanwhile, fans should be wary of phishing scams impersonating betting sites, ticket vendors, and hotel registration platforms to steal login credentials and financial data, Modi warned.
- “Bad things are going to happen,” Modi said. The question is: “How do you stay operational?”
Adding to the challenge, attackers are increasingly weaponizing AI. Storm noted that AI-powered tools like WormGPT and FraudGPT are fueling identity-based attacks, which now account for 91% of all cyberattacks.
He said:
They don’t have to grab admin identity, they can use anyone. They just need one, just one, that’s all it takes,
The big picture: Live events have long been a high-value hacking target, especially for groups looking to cause disruption rather than steal data.
- Hackers disrupted the 2018 Olympics’ opening ceremony livestream, and cyberattacks have loomed over major sporting events since.
- Scammers ramp up activity around big games, luring fans with phishing emails and fake ticket sales.
The intrigue: This year’s Super Bowl brings even more attention because of high-profile guests like Taylor Swift and President Trump.
Storm said,
The presence of certain individuals — who shall not be named — always increases the attack surface, referencing Swift’s attendance at last year’s game.
The bottom line: If all goes well, fans won’t notice the behind-the-scenes battle cybersecurity teams are waging.
Storm said,
Our goal is to make cybersecurity, as intense as it might be, as invisible to the fan experience as possible,
READ the latest news shaping the cybersecurity market at Cybersecurity News Central
Axios – What it takes to keep hackers out of the Super Bowl, source
