Super Bowl — and fans at home — prime target for cyber criminals

To millions of fans around the world, and hundreds of thousands in Atlanta, Super Bowl LIII is the biggest sporting event of the year. More than two years of preparation by the City of Atlanta, U.S. Secret Service, FBI, DHS, FEMA and more than 40 other law enforcement agencies should give everyone a sense of security that the event will go off without a hitch.

Mercedes-Benz Stadium, home to the Atlanta Falcons, was rated Number 1 in security when it opened. According to the Falcons owner, Arthur Blank, he thinks the Super Bowl will be “a very safe place to be, comfortable place to be — place of warmth, place of hospitality.”

To make sure Super Bowl LIII lives up the safety and security expectations, DHS Secretary Kirsten Nielsen designated it a Special Event Assessment Rating (SEAR) 1. This is one step below the highest designation of National Special Security Event (NSSE), which was the label given to the 2017 inauguration of President Donald Trump. So, it’s a pretty safe bet that federal, state and local law enforcement take security seriously.

Atlanta is no stranger to terrorism and violence. The 1996 Olympic Park bombing killed two and injured more than 100. Lessons of Las Vegas, the 2015 Paris bombings,  the May 2017 suicide attack in Manchester, England, and other terrorist attacks are certainly ingrained in the psyche of everyone planning for the Super Bowl. Physically, this will most likely be the safest place to be in the United States.

And that’s what hackers and terrorists are banking on.

The 2017 Presidential Inauguration was also one of the safest places to be. There were 28,000 federal, state and local law enforcement officers to protect up to 1 million people expected to attend the inauguration and the Women’s March the following day. There was a heavy reliance on technology to augment the physical presence.

Just days before the swearing in, 123 out of 187 video surveillance cameras used by the D.C. Metropolitan Police were taken offline by a ransomware attack on Jan. 12. The hackers had been in the system since Jan. 9. For nearly four days, D.C. police were unable to record and had to complete a massive reinstallation to get back up and running.

If you think the threat of ransomware would have prompted Atlanta to make sure it was prepared for a similar attack, you’d be flat wrong.

In March 2018, Atlanta was hit by a crippling ransomware attack that severely impacted the ability to deliver essential city services. Mayor Keisha Lance Bottoms admitted that cybersecurity had not been a high priority.

Let’s hope it’s a high priority for the network supporting the “thousands of cameras” that will feed into the Joint Operations Center.

The threat vectors keep evolving, and lessons are being learned from around the globe. From vehicular-borne improvised explosive devices (VBIED) to suicide bombers to drones, there is no shortage of threats to defend against.

To counter the drone threat, the Federal Aviation Administration (FAA) issued a “No Drone Zone” temporary flight restriction. Obviously, the explosive-laden drone attack against Venezuelan President Nicolás Maduro in August 2018 remains on minds here; I’m pretty sure that, too, was a “No Drone Zone,” as was London’s Gatwick airport in December — but that didn’t stop a drone operator there from grounding more than 1,000 flights between Dec. 19 and 21.

It took only one very small drone flying near Teterboro airport, 15 miles away from the much larger Newark Liberty International, to suspend flight operations there for hours. Imagine the chaos of multiple drones in and around Atlanta’s Hartsfield-Jackson International Airport.

So, is the FAA ‘“No Drone Zone” working? Not even close. The AP is reporting that “The FBI says that security officials are being ‘inundated’ with drones flying around the Atlanta stadium that will host Sunday’s Super Bowl 53. That’s despite an ongoing restriction that bans the use of drones in the area of Mercedes-Benz Stadium downtown.” 

In times of emergency, mission-critical communications are the backbone of law enforcement and other first responders. Our most critical systems, especially computerized 911 dispatch systems, are being targeted regularly. There have been 300 attacks against public safety agencies and local government in the last 24 months, according to SecuLore Solutions, which compiled publicly available incidents.

Just days after the Atlanta ransomware attack, for example, Baltimore, Md., was struck. While it did not take down the actual inbound call system for 911 emergencies, it crippled the computer-aided dispatch system used by emergency personnel. Baltimore’s vulnerability — a technician’s change to an internal firewall — was only four hours old when it was exploited.

But the biggest attack vector isn’t the Super Bowl itself. It’s the thousands of people at the game and in the city, and the millions of viewers around the United States and the world. While Tom Brady is looking for holes in the Rams’ defense, hackers may be looking for holes in your devices and networks.

One thing not to do is type “free Super Bowl” into the search engine of your choice. Chances are good that whatever links are presented most likely will be loaded with malware and spyware.

During Super Bowl L, Payton Manning ended his career on a high note as Denver won. What was not so apparent were the more than 100,000 threats identified on the wireless network at Levi Stadium. One of the threats was serious enough to lead authorities to remove one person from the stadium.

No one can predict what will happen. Law enforcement can only prepare for what might happen. But one thing is for sure: There’re more things to attack this year than last. The only person capable of predicting what might happen hasn’t been signed up yet by law enforcement.

After the Super Bowl, maybe Tony Romo will take a stint helping public safety.

Morgan Wright is an expert on cybersecurity strategy, cyberterrorism, identity theft and privacy. He previously worked as a senior adviser in the U.S. State Department Antiterrorism Assistance Program and as senior law enforcement adviser for the 2012 Republican National Convention. Follow him on Twitter @morganwright_us.