After Manchester United was hacked and clubs fear losing millions of pounds if their turnstiles are disabled or valuable transfer data stolen as criminals scale up attacks in the pandemic
- The Whites are the latest club to beef up security in the face of cyber attacks
- 11 Premier League clubs have attended a cyber security session this year
- Manchester United fell victim to an attack in November last year
- Criminals target transfer deals and try to insert ransomware into networks
Leeds United are tightening their cyber defences in the face of a growing threat from sophisticated criminals, who can extract millions of pounds from the biggest clubs.
English clubs are increasingly concerned about the threat from hackers, who see sport as a ‘highly attractive’ and ‘high-value’ target.
In the last year, Manchester United was attacked, an EFL club was hit with a £5m demand and the biggest single loss to a sports organisation from cyber crime was £4m, according to the UK National Cyber Security Centre (NCSC) – part of GCHQ.
Leeds United are making sure their cyber defence is super-tight after clubs were targeted
The Whites have commissioned a specialist company to secure email systems and files
The cyber criminals are aiming to cash in on big money deals, exploit lucrative match days, or even hold valuable transfer or fan data to ransom.
As well as United, Liverpool and Lazio have all fallen victim to hacks in recent years. But more have suffered in silence or fought off the online raiders, and clubs’ vulnerability is even greater now with thousands of staff working from home on laptops and remote servers.
Over 40 clubs attended a security conference organised by the NCSC, including 11 from the Premier League, in January, to learn more about how to protect themselves.
And the watchdog says cyber-criminals see sport as a juicy target, with seven out of 10 clubs experiencing an attack once a year, and three out of 10 suffering at least five raids.
Manchester United’s hackers demanded cash to release their grip on the club’s systems
‘We know that sports clubs and organisations are facing significant challenges managing the impact of the coronavirus pandemic,’ said Sarah Lyons, NCSC Deputy Director for Economy and Society, ahead of the conference.
‘But that doesn’t stop the UK sports industry being a highly attractive target for cyber criminals – and it’s important that organisations are aware of this threat.’
Leeds have commissioned Barracuda Networks to beef up their security, focusing on securing the club’s email systems and defending against ransomware, which was believed to have affected some of Manchester United’s systems in November.
‘Even in a normal year, Premier League clubs are a hot target for opportunistic cyber attackers, who are looking to disrupt servers or steal data, usually in an attempt to hold the club to ransom, or to sell sensitive data illegally for financial gain,’ said Chris Ross, a manager at Barracuda Networks.
Specialist firm Barracuda says it is working with Leeds on emails and backup files
‘However, with hundreds if not thousands of staff members now working remotely, the threat facing Premier League clubs, and indeed all organisations, is more pressing than ever.’
There are two common types of attack, email impersonation and ransomware, Ross’ colleague, Steve Peake, explained.
‘The sporting world is targeted in a quite sophisticated way and the reason for that is there is a lot of information publicly available,’ Peake told Sportsmail.
‘We know football clubs’ timetables. We know when the transfer windows are and that is helpful because an attacker can pretend to be more credible.
‘In the transfer window there is a lot of speculation about where players may be moving to, so someone can potentially craft an attack to appear as though they are a party [to the transfer].’
Audacious as it sounds, these tactics, known as ‘impersonation’ attacks, do work if the criminals use hi-tech software to closely replicate emails and obtain detailed knowledge of the deal.
Lazio fell victim to email impersonation while completing a transfer with Feyenoord in 2018
Italian giants, Lazio, fell for an email scam and paid £1.75m (€2m) to fraudsters in 2018.
According to Italian newspaper, Il Tempo, the Serie A club were completing the last instalment of a transfer fee for defender Stefan de Vrij, whom they had signed from Dutch club Feyenoord.
Lazio received an email that appeared to be from the Eredivisie outfit asking for the final payment of the deal along with bank account details.
The Italian side paid the money, but Feyenoord never received the fee and said they had not sent the email. The cash was traced to a Dutch bank account apparently set up by the fraudsters.
Last year, the National Cyber Security Centre said an EFL club was asked for £5m by hackers
Closer to home, the NCSC reported last year that an email account of a Premier League football club’s managing director was hacked during a transfer negotiation, which led to the club attempting to pay £1m into a bank account set up by criminals.
The transaction was only halted because the club’s own bank identified the destination account as fraudulent.
In this case, inside information was obtained when the MD had inadvertently entered their details into a fake Office 365 login page, which allowed hackers to monitor his correspondence.
Email is a potential weak point for any organisation. Liverpool was also hacked in 2018, resulting in a serious data breach for around 150 supporters, according to the Liverpool Echo.