Geraldine Strawbridge

Geraldine Strawbridge is a graduate from the University of Glasgow. As the Editor of Cyber Radio, Geraldine is focused on delivering the latest cyber security news whilst making cyber security more relatable to people in their everyday lives.

FIFA Faces Further Embarrassment after Second Cyber-Attack

Football’s governing body FIFA is braced for more damaging leaks of confidential information after revealing it’s been hit with yet another cyber-attack.

The attack is the second that FIFA has suffered in recent years and it’s thought that a coordinated phishing campaign is behind the latest hack of FIFA’s computer systems.

In March this year, hackers managed to dupe a FIFA employee into clicking on a link which enabled them to gain access to sensitive information.

FIFA officials have not yet confirmed what data has been exposed in the breach, but the information has already been leaked to a handful of European media organisations and Football Leaks, a website that became famous in 2015 after it published a number of leaked internal FIFA documents.

FIFA released a statement saying it was “concerned by the fact that some information has been obtained illegally,” and that it “condemns any attempts to compromise the confidentiality, integrity and availability of data in any organisation using unlawful practices.”

FIFA Headquarters, Zurich Switzerland

The latest phishing attack is thought to be unrelated to the previous hacking attempt in 2017 when Russian hacking group ‘Fancy Bears’ leaked the details of around 150 failed drugs tests by international footballers.

Robert O’Brien, CEO of cybersecurity company MetaCompliance, believes that FIFA will need to look at new ways of strengthening and protecting its defences to reduce the chance of any further cyber-attacks.

“Hackers are interested in compromising high profile targets like FIFA or British Airways. The impact is so much higher and so is the possible pay off. By successfully tricking an employee into opening a malicious email, criminals can bypass traditional security measures to gain access to confidential information.

“To ensure that staff are able to recognise and respond to the most up to date security threats, it’s vital they receive regular training on phishing scams, the different forms they take and the importance of their role in preventing further attacks.”