The Eurovision Song Contest is set to take place in Liverpool this weekend, but amid the pageantry and political jostling, organisers are concerned about the threat of a cyber attack.
Broadcasters at the BBC have said it’s their “biggest worry” ahead of the event, which is expected to be watched by more than 200 million people.
Cyber attacks are becoming increasingly common with live broadcasts, but the political nature of the Eurovision Song Contest – and this year’s one in particular – has heightened organisers’ fears.
The event is being held in the UK on behalf of last year’s winner, Ukraine, and authorities believe that bad actors tied to Russia could attempt to disrupt proceedings in retaliation for Europe’s support of Ukraine following its invasion.
Experts from the NCSC (National Cyber Security Centre) have been brought in to help identify and respond to threats.
A cyber attack could involve disruption to the broadcast, with the transmission potentially being knocked offline or hijacked.
Alternatively, criminal hackers could target the infrastructure at the Liverpool Arena, with anything from lighting rigs to on-set televisions and screens being disrupted.
History book repeating itself
Kate Phillips, the BBC’s director of unscripted programmes, said that no specific intelligence about an attack had been identified. However, television broadcasts have been a key battle ground in the cyber war accompanying Russia’s invasion of Ukraine.
In March, the TV station Skylink, which operates in the Czech Republic and Slovakia, was disrupted by a Russian hacking group. Customers were unable to access its website, watch online broadcasts or interact with customer systems and applications.
The station’s operator, the M7 Group, later confirmed that it was subjected to a DDoS (distributed denial-of-service) attack.
Unlike most cyber attacks, DDoS attacks are usually designed to frustrate the victim rather than steal sensitive information or hold the victim to ransom.
Given that both the Czech Republic and Slovakia have provided weapons and artillery to Ukraine, it’s likely that the attack was politically motivated.
Meanwhile, in 2022 the hacking collective Anonymous temporarily took down the Russian state-controlled television network RT News.
Most concerningly, last year’s Eurovision was targeted in a cyber attack. The Russia-based criminal hacking group Killnet and its affiliate Legion conducted a DDoS attack aimed at network infrastructure during performances and voting in an attempt to disrupt proceedings.
However, thanks to the effectiveness of the event organisers’ planning, the contest was largely unaffected.
The Italian authorities said that more than 100 police officers monitored the event, enabling them to spot and respond to the attacks promptly. They also had support from Eurovision TV and the IT firm ICT Rai.
It looks as though the UK is equally prepared for a cyber attack. Phillips said that there were “so many contingency plans” in place if an attack did occur.
She added: “I don’t want to say we’re pretty attack-proof but we’ve done everything we can to make sure the event is as secure as possible so people don’t have to worry about that.”
Phillips said the contest would have had high security in any event but the political landscape meant “we have had to up it as much as we possibly can”.
“Cyber attacks are the main worry because they’re becoming more and more frequent. Most companies seem to have been hacked,” she said. “We’re very conscious that we are open to a cyber-attack but everything we’ve done I think mitigates that.”
Making your mind up
Phillips’s words demonstrate the importance of effective threat management. If organisations are to prevent cyber attacks, they must act decisively to identify risks and take appropriate actions to mitigate them.
The ramifications of a cyber attack during an event as large as Eurovision amid a war obviously necessitate extreme precautions, but it’s a lesson that all organisations can learn from.
Cyber attacks can, and do, target organisations of all sizes and in all sectors. We found more than 1,000 security incidents last year, while research from IBM revealed that organisations spend $4.35 million (£3.46 million) on average responding to data breaches.
Many organisations in the UK have been caught up in Russia’s online war, either falling victim to an attack themselves or facing disruption through supply-chain failures.
Plus, there remains the countless instances of ‘traditional’ financially motivated attacks, with fraudsters crippling systems or stealing sensitive data.
Organisations are being urged to respond to these threats by investing more in cyber security defences, but if those solutions aren’t part of a cohesive strategy, the benefits will be minimal.
It’s why many experts recommend taking a defence-in-depth approach to cyber security.
A defence-in-depth framework consists of five interrelated stages (or ‘layers’) to mitigate the risk of data breaches: detection, protection, management, response and recovery.
Even if one of these defensive layers is breached, the next works to further contain the damage.
Whatever your resources or expertise, a defence-in-depth approach to cyber security will give you the best chance of mitigating the cyber security risks your organisation faces, so you can focus on your core business objectives without having to worry about coming under attack.
IT Governance has all the free resources, products and services you need to implement a defence-in-depth approach to cyber security that addresses the evolving range of cyber risks your organisation faces.
Get in touch today to find out how we can help you secure your success.