How can you prevent your club becoming a cyber attack target?
You might think a cyber attack will never impact your club but, unfortunately, there is a rise in the number of small businesses and organisations being attacked. As larger companies prioritise cyber security, they become harder work for criminals to attack. Therefore, clubs have become potentially low-hanging fruit for criminals looking for a low-effort, high-reward attack. But why?
Here are the top 5 reasons your club could be a cyber attack target…
1. Valuable user data
Any sports or social club holds large amounts of valuable user data. Clubs are community hubs, with lots of information about previous and present members. Whilst this information (such as contact details and account information) is necessary for clubs to keep on file, it can be a goldmine for hackers. Ultimately cyber attackers are looking for any data that can be sold or used to breach other accounts or help them to make fraudulent purchases.
Even small community clubs can be a good cyber attack target for hackers. This is because little effort for significant reward can be much more appealing than spending time and resource trying to hack sophisticated systems put in place by experts safeguarding bigger clubs or businesses.
2. Slack security
Many clubs are run by volunteers, who don’t have a professional understanding of cyber security. Clubs may also not have the resources to invest in anti-virus software, spam filters or other security measures. This means many clubs are ‘soft targets’ for hackers.
Clubs should ensure all data is regularly backed up and all computer systems are password protected. Use a long, strong password that contains a random mix of characters.
Social engineering is a big risk – this is when a cyber attacker deceives you or your staff either remotely (such as by telephone or email) or by physically attempting to gain access to your club and your data. However big or small your club, make sure your staff and volunteers are trained effectively. Everyone working at your club should know the dangers of a cyber attack, and should have the knowledge to avoid falling for scams or phishing attempts. The biggest threat to your club is you and your employees, so follow simple steps to make sure your employees don’t fall foul of an attack.
3. Free Wi-Fi
Wi-Fi that isn’t secure could lead to personal information being stolen.
Clubs and pubs should use different passwords for accounts, and have a separate Wi-Fi network for customers, staff and also your club’s POS system. Only ever provide the ‘Guest’ WiFi code that gives members access to the ‘Guest’ network only, and make sure this password is regularly changed.
Encourage guests to use VPN (virtual private networks) if they’re going to work with sensitive data as some hackers are using open WiFi to trick guests. This works because attackers upload code to the server, allowing them to convince users that software downloads are safe.
4. Player information
This is perhaps most relevant to larger clubs, but cyber attack can be used as a form of espionage.
If teams use analytics provided by digital tools, the information can be invaluable to competitors or attackers hoping to place “educated” big bets on a team’s performance.
Generally speaking, however, cyber attackers are most likely to want user data rather than your team’s game strategy.
5. Theft or fraud
Clubs and pubs may be subject to fake phone calls (vishing) or emails (phishing) deceiving the recipient to send over money. Cyber attackers defraud or mislead people to share information with them, often by posing as an authoritative figure.
It’s obvious why cyber attackers do this – they want to receive personal or confidential information as this data is particularly valuable. Criminals may also want to use these methods to deceive you into sending them large sums of money directly.
The best way to mitigate against this risk is by training your club’s staff and ensuring they’re aware of the security steps they need to take (such as taking time to assess the situation, looking out for errors in domain names or email addresses etc).
The importance of cyber insurance
Research suggests a successful cyber attack could cost a UK sports club around £10,000. Make sure an attack doesn’t cripple your business by arranging cyber insurance.
Here at Club Insure, we truly want to help your club stay covered. While insurance will help avoid a financial fiasco, you should always consider risk management too. That’s why we published a range of cyber security articles to help you safeguard your club against cyber attack risk. For more information, or to speak to our risk management team, please get in touch.