FIFA Hacked Again, Expected Release of Private Information

FIFA is bracing for the release of private information following another cyber attack.

• By Sydny Shepard
• Nov 01, 2018

FIFA President Gianni Infantino is expecting a release of private information gained by hackers after world soccer's governing body said its computer network was subject to another cyber attack, according to the AP.

The news comes just weeks after the U.S. Department of Justice and the FBI disclosed Russia's military intelligence body was responsible for a hack on FIFA in 2016, which led to evidence from anti-doping investigations and lab results being published.

FIFA did not provide details about the data gained in the latest attack this year on email systems, but has been contacted by media outlets about internal information contained in private exchanges.

"The questions we received, we answered," Infantino said when asked about what can be released at a press conference. "My job entails having discussions, having conversations, exchanging documents, drafts, ideas, whatever on many, many topics. Otherwise you don't go anywhere."

Paul Edon, senior director, technical services at Tripwire said that hackers are getting more creative. This FIFA hack is evidence of that.

"Phishing campaigns are extremely popular and aim to dupe people into giving away personal and financial information, which is why individuals should be vigilant of the links and attachments sent to them," Edon said. "If you believe it could be suspicious, then avoid interacting. However, malicious cybercriminals are preying on human naivety which is why these attacks continue to be successful. Granted, it is becoming more difficult to track malicious attackers as they are getting better at mimicking valid content from reputable organizations."

Edon said the best way to avoid attacks is to educate yourself, your peers and your employees and to always have a healthy amount of skepticism. 

"The best way organizations and individuals can help avoid future attacks is through education programs, understanding the risks and consequences of clicking unknown links and attachments is a critical defence against phishing type attacks," Edon said. "Regardless of whether you believe the email to be legitimate or not, never click on inbuilt links. Always open your own web browser and log in to your account on the official website. If there is a legitimate requirement for you to update or re-enter information, it should be referenced within your specific account instance.”