As Super Bowl LIII approaches, Radware’s Emergency Response Team (ERT) research team turns its attention to the crowds and the target-rich environments created by high profile sporting events.
Download Complete Alert
Abstract
As Super Bowl LIII approaches, Radware’s Emergency Response Team (ERT) turns its attention to the crowds and the target-rich environments created by high profile sporting events. The Super Bowl, like previous years, will bring large crowds that demand seamless connectivity and that will consume record-breaking volumes this year. Extreme Networks reported that last year’s attendees at Super Bowl LII transferred 16.32 terabytes of data with a peak rate of 7.867 Gbps. This enormous demand for connectivity poses a cybersecurity risk for event organizers, partners, sponsors and attendees.
Figure 1: Super Bowl LIII map / Source: NFL.com
Background
There are few sporting events in the world as significant as the Super Bowl. Last year there was an estimated 103 million viewers and this year advertisers are expected to pay nearly $5 million for a 30-second commercial. Beyond just the game, there is a variety of multimedia technology available to fans, providing a more immersive and interactive experience. These experiences include Super Bowl LIVE, a six-day series of concerts and events in Centennial Olympic Park, and the Super Bowl Experience, an eight-day event full of immersive exhibits and interactive games. Other activities also include the Verizon Experience that will showcase how 5G wireless technology will change the fan experience in stadiums moving forward.
Figure 2: Historical data for the Super Bowl (Source: Extreme Networks)
To ensure attendees have a seamless digital experience, the NFL, Georgia World Congress Center, AMB Sports and Entertainment Group and wireless carriers have made significant investments into the construction of the networks to maintain a high quality of service for the attendees and vendors. The stadium provides 15,000 Ethernet ports, 1,800 access points, and a Distributed Antenna System (DAS) for enhanced cellular coverage from all four major United States cellular carries. The stadium's Wi-Fi is provided by AT&T and consists of two redundant 40GB connections. The stadium also has pulled fiber as close to the access points as possible, terminating in mini intermediate distribution frames (IDF) throughout the stadium.
The network gear is from Aruba and Hewlett Packard Enterprise. Others involved with the network include IBM, Corning and ThinkAmp. The stadium also contains 2,000 IPTVs for delivering game content.
Mercedes-Benz Stadium also promotes a mobile application. While this application is not as advanced as applications for other stadiums, it does include information about the stadium, news, scores, ordering food for pickup as well as viewing, buying and transferring tickets and parking. These features and networks help ensure fans can watch, eat, share, download and communicate their gameday experience with others.
Figure 3: Wireless AP and DAS
Figure 4: Mini ISFs
Targets
- NFL
- Georgia World Congress Cneter
- AMB Sports and Entertainment Group
- Carriers
- Service Providers
- Sponsors and Partners
- Suppliers and Subcontractors
- Media
- Journalist
- Hospitality
- Spectators
Reason for Concern
Radware’s ERT has assessed the threat landscape created by Super Bowl LIII in Atlanta. One of the biggest concerns will surround protecting critical applications and networks that support the event, hosted both locally and in the cloud. Broadcast networks, industrial control systems, civil-service networks, and other related systems are all at risk as well. While there hasn’t been a recent attack of scale reported against the Super Bowl, last year we did witness a piece of malware named Olympic Destroyer target and disrupted the opening ceremonies and entry into the 2018 Winter Olympics in PyeongChang.
Major sporting events create a platform for cybercrime, though recently most cybercriminals and hacktivist have been focused on identity theft. They do this by spreading malicious software that is designed to harvest and steal personal information. Today’s High Density (HD) stadiums, theaters, arenas, and amphitheaters require small cells, Wi-Fi, and DAS deployments to serve their demanding environments. The technologies designed to enhance the spectators’ experience, such as Wi-Fi, Bluetooth, and other digital services, are the ones that are often easily exploited to harvest information from attendees.
For Super Bowl LIII, most cybercriminals will focus on identity and financial theft in the days leading up to the game. These attacks will often be baited with promotions for Super Bowl tickets or a trip to Atlanta for the game. Another concern surrounds the current Wi-Fi. The networks name is ‘attwifi’ and does not present the users with a login portal. While this makes it incredibly user-friendly, it also makes it easy for malicious actors to deploy evil access points in hopes an unsuspecting fan connects to it and discloses sensitive information.