The National Cyber Security Centre in England has called for stringent measures by Premier League clubs to help avoid being victims of cyber crimes.
The directive followed the incident in which the managing director of a Premier League football club narrowly avoided losing £1 million during a transfer window after their email account was targeted by hackers.
The unnamed club was saved at the last minute by the other club’s bank, which intervened when it was clear that the money was being sent to a fraudulent account, according to a National Cyber Security Centre (NCSC) report.
The incident is almost an exact replica of the successful phishing scam against Italian club, Lazio, in 2018, which resulted in €2 million being lost to scammers.
According to the report, the managing director of the unnamed Premier League club had entered his credentials into a spoofed Office 365 page operated by hackers. When the transfer window opened, the thieves posed as this MD to intercept the transfer negotiations, talking directly to the European club attempting to buy a Premier League player. The European club’s bank managed to spot the discrepency during payment in time, halting the transfer.
This is just one of a number of security incidents the NCSC has used in The Cyber Threat to Sports Organisations report to highlight just how lucrative the industry is to hackers. According to the report, at least 70% of sports institutions suffer a cyber incident every 12 months, which is more than double the average of UK businesses.