Fifa World Cup under major threat of cyber terrorism
The 2026 Fifa World Cup could be the victim of the largest volume of cyber terrorism and hacktivism events in sporting history.
The sheer scale of next month’s tournament – which is being hosted across Canada, the United States and Mexico – could play into the hands of rogue states and groups looking to cause cyber damage to the largest World Cup ever staged.
It comes months after the officials uncovered a plot to hack the Winter Olympics in Milan earlier this year, and not long after the Pyeongchang Winter Olympics were hit with a cyber attack.
“Major sporting events are prime targets for cyber criminals because they combine global attention, emotional engagement, and huge digital dependency,” Matt Hull of cyber security company NCC Group told City AM. “This creates opportunities for everyone from financially motivated criminals to hacktivist groups looking for visibility.”
“The 2026 World Cup could become one of the most targeted sporting events we’ve seen from a cyber perspective – simply because of its scale, visibility, and digital footprint. In many cases, new tactics aren’t impacting the threat, but it could be increased by faster exploitation of existing weaknesses, and ongoing geopolitical tensions that the US is directly involved in.”
World Cup under cyber threat?
The most prominent cyber threats tend to stem from North Korea, Russia, China, and Iran. Only Iran is present at the Fifa World Cup next month, and is currently engaged in conflict with the co-hosting USA.
The growth of AI is also having an impact, Fifa with CrowdStrike stating in their recent Global Threat Report that there has been an 89 per cent increase in attacks by AI-enabled adversaries.
“It would be speculative to directly connect participating nations to cyber activity simply because teams or players are physically present – especially as a country doesn’t need to be competing in the tournament to pose a cyber risk,” Hull, a vice-president of cyber intelligence and response, added. “Cyber operations aren’t limited by geography, but equally, not every incident linked to the World Cup will be state-backed. Most are likely to be opportunistic or criminal in nature, and the more credible concern is the wider geopolitical threat environment surrounding a globally significant event hosted in the US.
“The biggest risks are likely to be engineering campaigns such as phishing, credential theft, ticket scams, brand impersonation, and payment fraud. Major global events create opportune conditions for social engineering because people are more likely to trust communications and act quickly under pressure.
“Hacktivist activity is also a persistent concern, particularly disruptive attacks like website defacements and distributed denial of service (DDoS) campaigns designed to generate attention during high-profile moments.”