Over the course of 90 days, the Digital Shadows Photon Research Team ran a detailed alert system to collect examples of the critical threats to the Qatar 2022 World Cup organising bodies and their key partners and sponsors. The potential incidents it raised fall under four categories: brand protection, cyberthreat, physical protection and data leakage. Most incidents pertained to the cyberthreat category and included malicious webpages, marketplace listings and exposed files.
After triaging these incidents to remove false positives, the team collected the true positives and analysed them to better understand how attackers were targeting the Qatar 2022 World Cup.
Potential tactics, techniques and procedures (TTPs) include impersonating domains, fake mobile apps, fraudulent social media pages, stolen credentials, hacktivist threats, ransomware and initial access brokers. The results prove that a risk-based approach is required to avoid falling victim to an attack.