X
NEXT
Forgot password?

DigitalXRAID

Manchester United suffers sophisticated cyber attack

It was reported this week that Manchester United has fell victim to a sophisticated cyber attack on its systems, causing minor disruption to the clubs operations. With administrative changes being required to allow access to the stadium for their recent match and emails being down all week – it depends whether you see this as minor. It would have caused much more disruption if they had 75,000 fans entering Old Trafford for their scheduled Tuesday evening game.

In a statement United said “Following the recent cyber-attack on the club, our IT team and external experts secured our networks and have conducted forensic investigations.

This attack was by nature disruptive, but we are not currently aware of any fan data being compromised”.

Although stated they are not aware of fan data being compromised, everyone is now assessing how much data could’ve been in the hands of the hackers. With the football club claiming it had over 1 billion fans in 2019, how many of those fans have purchased from the online United store, are part of the online fan club, have bought tickets online or sign up to their newsletter? That is quite a substantial amount of data that could still be at risk.

If found guilty to have breached fans rights under data protection laws, Man United could see fines reach up to £18million or four percent of its global annual turnover – whichever is higher.

But how did Manchester United contain the breach?

It is easy to see how the club has been attacked when in July, the NCSC reported that 70 percent of sports organisations had been the target of a cyber-attack in the previous 12 months – double the average rate of UK firms.

While Manchester United remain silent since their official press release, the press release itself helps us to identify how they dealt with the breach.

The cyber defences already in place detected the attack and prevented further damage by disconnecting their systems, this allowed the website and app to be unaffected and seems is the reason no customer data, at present, has been accessed. Combining cyber security with an internal risk management plan, allowed employees to follow the policies and procedures mapped out prior to bringing in the NSCS to investigate and further assist.

This shows how early detection and response can contain and limit the threat of an attack in any sized organisation.

It is presumed Manchester United have a high-level cyber security operation in place such as an End Point Protection and Response system (EDR), using a Managed Services Provider (MSP). For the highest level of security the EDR will be integrated with a Security Information & Event Management software, allowing security analyst’s to monitor the network and react quickly to any potential threats, which is likely how they were able to contain the attack and mitigate the risk.

Advanced Detection and Response Solution

Managed Services Provider, DigitalXRAID, offers an Advanced Detection and Response Security Operations Centre, delivering real-time monitoring and providing organisations with an expert analyst who monitors and protects all digital assets 24/7/365, providing advice and guidance at every step of the process.

Benefits of DigitalXRAID Advanced Detection and Response are:

  • Drastically improves the time it takes to detect a threat
  • Collects logs from multiple feeds
  • Allows investigation to be conducted more efficiently
  • Allows for advanced threat detection
  • Experts on how to guide you from incident through to containment

Due to Manchester United’s swift response, it was able to contain what could have been a catastrophic breach. It was able to protect its customers data and limit organisational downtime, therefore saving itself from an eyewatering loss in revenue and reputation.

DigitalXRAID are one of only eight companies globally who operate a CREST certified Security Operations Centre, protecting our customers with eight services under one Advanced Detection and Response solution. We work with everyone from the largest eCommerce fashion brands, global football clubs and prestigious Universities, keeping their customer data and infrastructure safe, so they can concentrate on business while we keep them safe.

Hackers don’t sleep and neither do we. Let us protect you. Speak to one of our experts

Previous Article

Explaining Cyber Security – The Easy Way

Next Article

New Year, Healthy Cyber? 11 Tips to Healthier Cyber Security in 2021

Cyber Security Experts

Accredited and regulated, we're in the top 1% of cyber security agencies globally

Crown Commercial Service Supplier Cyber Essentials Plus ISO 27001 BSI ISO 9001 CHECK NCSC Cyber Incident Response CREST

We’re trusted by the UK Government as Crown Commercial Service providers as well as being accredited by two of the leading cyber security governing bodies. Our ISO9001 certification means you can rest assured our processes and approach are market leading.

Protect Your Business & Your Reputation.

With a continued focus on security, you can rest assured that breaches and exploits won't be holding you back.

Speak To An Expert

x

Get In Touch

[contact-form-7 id="5" title="Contact Us Form"]