Qatar has recently celebrated the one-year countdown to the 2022 FIFA World Cup. Most infrastructure projects have been delivered but government authorities are still working non-stop to assure that Qatar will present the best World Cup experience to the millions of fans expected to arrive in the country next year.
“The upcoming 2022 FIFA World Cup is not only one of the most anticipated tournaments but also one of the world’s most spectated sporting events in history. Being the host country comes with its fair share of prestige that has catapulted Qatar to the world’s centre stage,” said Kaspersky head of Enterprise Rashed al-Momani, who discussed with Gulf Times a range of topics, such as the government’s preparations to assure the safety of fans, industrial control systems, and cybersecurity, as well as cybercrime, among others.
What are the potential cybersecurity threats that organisers of the 2022 FIFA World Cup should look after?
The Qatar government has invested in building several stellar football stadiums as part of its bid to host the World Cup that is set to attract millions of visitors from around the world. Hosting an event of this scale involves a lot of logistics, which is only made easier with technology. As the Qatari government continues to heavily invest in everything from infrastructure, stadiums, communication, and logistics for the event, and anything in between, the reliance on technology will only grow. With more and more technology and devices being connected to the Internet, the greater the risk for attacks.
It is important for the organisers to implement a holistic cybersecurity approach that protects every aspect of the event from the tickets and website to the critical infrastructure and IoT connected devices to prevent attacks from taking place.
One particular cyber threat for consumers is online phishing, where criminals try to lure football fans by offering fake business offers, such as tickets, live streaming, and merchandise related to the games. In the course of two months, from August 15 to October 15, 2021, Kaspersky detected 11,000 fraudulent e-mails that used the World Cup as a trap.
What cybersecurity protocols must Qatar put in place to avert these threats? What role does cybersecurity play in ensuring the safety of both fans and the government of Qatar during the staging of the World Cup next year?
As the country gears up for this highly-anticipated event, Qatar has placed the 2022 FIFA World Cup cybersecurity at the forefront. It is important for the country to implement a holistic cybersecurity solution that protects the large number of fans visiting for the event.
An event with a size and scale of a World Cup will undoubtedly attract the attention of cybercriminals. Cybersecurity will play a major role in ensuring the safety and security of the guests. It is the responsibility of the host country to safeguard its guests.
The Qatar government has been making great steps in ensuring that the safety of guests is their first priority. Qatar’s Supreme Committee for Delivery and Legacy (SC) held a summit of security experts from around the world ahead of the 2022 FIFA World Cup in order to explore the types of cyber threats that large sporting events face.
The SC issued this cyber framework to set a standard for all those involved in the FIFA World Cup. As part of the framework, cyber-competencies and cyber-capabilities essential to safeguarding critical national services would be defined.
Since there will be more digital presence than ever before, there will be additional challenges regarding security and privacy. With the help of many global partners, the Security Committee developed the Qatar Cybersecurity Framework (QCF) to ensure a safe and secure event. Implementing frameworks such as this one plays a key role in working towards Qatar achieving its goal of being a cyber-secure event.
Elaborate further on advanced persistent threat (APT) attacks affecting Qatar.
Kaspersky researchers have kept a close eye on Qatar for APT and are currently monitoring seven cyber gangs actively targeting the country since the start of the pandemic in 2020. Kaspersky researchers issued 14 threat intelligence reports as a result of investigations associated with these groups that are primarily targeting governmental and diplomatic entities as well as companies in the telecommunications sector.
According to our research, Qatar seems to be less targeted when compared to other countries in the Middle East. However, it still remains essential for organisations to have threat intelligence capabilities that provide them with a 360-degree view to focus on how to address these attacks. Kaspersky works closely with local law enforcement agencies to provide them with information that can be used to track down and prosecute the groups responsible for such attacks.
How is Qatar progressing in terms of protecting its industrial control systems and making sure that it’s secure?
Industrial control system (ICS) security concerns the safeguarding and protection of control systems that are used for monitoring industrial processes. The oil and gas industry is an important part of Qatar’s economy and we’ve seen the country take major steps in order to ensure the protection of its critical infrastructure by prioritising cybersecurity and following the latest global standards.
Attacks against industrial organisations always carry the potential to be particularly devastating, both in terms of disruption to production and financial losses. In addition, attacks against industrial enterprises have become more targeted, organised by sophisticated threat actors with extensive resources whose goals may not just be financial gain but also cyberespionage.
Therefore, we need specialised solutions and services dedicated to this sector to be able to stay ahead of such threats. Some of the solutions we offer include endpoint protection for industrial hosts, network visibility and threat detection, OT security training, and security assessment to offer organisation a holistic approach to protecting their industrial systems.
“The upcoming 2022 FIFA World Cup is not only one of the most anticipated tournaments but also one of the world’s most spectated sporting events in history. Being the host country comes with its fair share of prestige that has catapulted Qatar to the world’s centre stage,” said Kaspersky head of Enterprise Rashed al-Momani, who discussed with Gulf Times a range of topics, such as the government’s preparations to assure the safety of fans, industrial control systems, and cybersecurity, as well as cybercrime, among others.
What are the potential cybersecurity threats that organisers of the 2022 FIFA World Cup should look after?
The Qatar government has invested in building several stellar football stadiums as part of its bid to host the World Cup that is set to attract millions of visitors from around the world. Hosting an event of this scale involves a lot of logistics, which is only made easier with technology. As the Qatari government continues to heavily invest in everything from infrastructure, stadiums, communication, and logistics for the event, and anything in between, the reliance on technology will only grow. With more and more technology and devices being connected to the Internet, the greater the risk for attacks.
It is important for the organisers to implement a holistic cybersecurity approach that protects every aspect of the event from the tickets and website to the critical infrastructure and IoT connected devices to prevent attacks from taking place.
One particular cyber threat for consumers is online phishing, where criminals try to lure football fans by offering fake business offers, such as tickets, live streaming, and merchandise related to the games. In the course of two months, from August 15 to October 15, 2021, Kaspersky detected 11,000 fraudulent e-mails that used the World Cup as a trap.
What cybersecurity protocols must Qatar put in place to avert these threats? What role does cybersecurity play in ensuring the safety of both fans and the government of Qatar during the staging of the World Cup next year?
As the country gears up for this highly-anticipated event, Qatar has placed the 2022 FIFA World Cup cybersecurity at the forefront. It is important for the country to implement a holistic cybersecurity solution that protects the large number of fans visiting for the event.
An event with a size and scale of a World Cup will undoubtedly attract the attention of cybercriminals. Cybersecurity will play a major role in ensuring the safety and security of the guests. It is the responsibility of the host country to safeguard its guests.
The Qatar government has been making great steps in ensuring that the safety of guests is their first priority. Qatar’s Supreme Committee for Delivery and Legacy (SC) held a summit of security experts from around the world ahead of the 2022 FIFA World Cup in order to explore the types of cyber threats that large sporting events face.
The SC issued this cyber framework to set a standard for all those involved in the FIFA World Cup. As part of the framework, cyber-competencies and cyber-capabilities essential to safeguarding critical national services would be defined.
Since there will be more digital presence than ever before, there will be additional challenges regarding security and privacy. With the help of many global partners, the Security Committee developed the Qatar Cybersecurity Framework (QCF) to ensure a safe and secure event. Implementing frameworks such as this one plays a key role in working towards Qatar achieving its goal of being a cyber-secure event.
Elaborate further on advanced persistent threat (APT) attacks affecting Qatar.
Kaspersky researchers have kept a close eye on Qatar for APT and are currently monitoring seven cyber gangs actively targeting the country since the start of the pandemic in 2020. Kaspersky researchers issued 14 threat intelligence reports as a result of investigations associated with these groups that are primarily targeting governmental and diplomatic entities as well as companies in the telecommunications sector.
According to our research, Qatar seems to be less targeted when compared to other countries in the Middle East. However, it still remains essential for organisations to have threat intelligence capabilities that provide them with a 360-degree view to focus on how to address these attacks. Kaspersky works closely with local law enforcement agencies to provide them with information that can be used to track down and prosecute the groups responsible for such attacks.
How is Qatar progressing in terms of protecting its industrial control systems and making sure that it’s secure?
Industrial control system (ICS) security concerns the safeguarding and protection of control systems that are used for monitoring industrial processes. The oil and gas industry is an important part of Qatar’s economy and we’ve seen the country take major steps in order to ensure the protection of its critical infrastructure by prioritising cybersecurity and following the latest global standards.
Attacks against industrial organisations always carry the potential to be particularly devastating, both in terms of disruption to production and financial losses. In addition, attacks against industrial enterprises have become more targeted, organised by sophisticated threat actors with extensive resources whose goals may not just be financial gain but also cyberespionage.
Therefore, we need specialised solutions and services dedicated to this sector to be able to stay ahead of such threats. Some of the solutions we offer include endpoint protection for industrial hosts, network visibility and threat detection, OT security training, and security assessment to offer organisation a holistic approach to protecting their industrial systems.