Cyber attack

Cloud7

Full Member
Joined
Jan 11, 2016
Messages
12,776
What do you get out of hacking a football club?
I assume the club has a lot of people's credit card information from season tickets, online store etc. Potentially a lot actually. Now that I think about it I'm surprised this is the first that we've heard of an attack like this.
 
Joined
Nov 11, 2015
Messages
2,596
Location
Whalley Range
Not entirely sure, tbf. What came to my mind was things like salaries (actual figures), top speeds, training records etc etc. Remember when Lukaku leaked data — that sort of stuff? How useful that stuff actually is to a hacker, yeah, your guess as good as mine. There must be something more... worthwhile?
United will have hundreds of thousands of people's personal details on file (names, addresses, bank details etc.)

The same as when other companies get hacked
 

Monkey bus

Full Member
Joined
Dec 27, 2015
Messages
148
Knowing how the club skimp on IT infrastructure I’m not surprised. I work in software sales and as a United fan I approached them for a sale with some marketing analytics software a couple of years back. Their budget was something like 25k per year for all related marketing software. Utterly fecking ridiculous. They asked if I could give it to them for free and they would do some branding with us. Told them in more polite terms to feck off.

funnily enough I now work in cyber sales! I imagine they probably use some sort of anti virus and that’s it (if their it security budget corresponds to the martech budget). With the kind of strategically Important data they have in emails etc they should at least have some endpoint detection and response technology and/or an outsourced SIEM. I’m actually gonna give them a call tomorrow and try and sell some forensic services :D
You’ve obviously got an insight into cyber attacks. What would you imagine the most likely purpose of an attack would be on the club? Customer‘s financials? Confidential club info? Or is a cyber attack too broad a description to decipher?
 

Acole9

Outstanding
Joined
Feb 17, 2013
Messages
12,503
Strangely enough when I just clicked on this thread the advert at the bottom was about malware :nervous:
 

Mb194dc

Full Member
Joined
Dec 8, 2015
Messages
4,595
Supports
Chelsea
Sounds like probably ransomware attack of some kind. Probably entry via email or similar.
 

Adam-Utd

Part of first caf team to complete Destiny raid
Joined
Sep 10, 2010
Messages
39,954
If everything is fine why post it? I mean for Utd site admin not OP.
Because if they don't announce it and loads of personal info gets stolen and they said nothing, they'd be in deep shit.

At least now everybody can change their passwords or lock their credit cards etc, they've had warning.
 

DRM

New Member
Newbie
Joined
Oct 8, 2017
Messages
4,227
How does one hack? I've always wanted to know
 

Red Royal

Full Member
Joined
Aug 19, 2013
Messages
2,983
Location
Planet Earth
How does one hack? I've always wanted to know
Just like any sporting attack really. You look for weaknesses in your 'opponents ' defense and try to get past them, or if you want to 'park the bus' then you prevent your 'opponent' from having any meaningful use of the ball/(deny resources like bandwidth, cpu etc).
 

Catt

Ole's at the wheel!
Joined
Mar 10, 2013
Messages
27,532
Location
Norway
With how badly run the club is, I wouldn't put it past them to somehow be at fault for this.
 

UmbroDays

Full Member
Joined
Aug 12, 2019
Messages
738
I remember seeing a cyber security job for us a few months back.

It’s my field of work and wanted to move from London for the job but the Mrs wasn’t haven’t it:nono:
 

Slevs

likes to play with penises
Joined
Apr 5, 2010
Messages
28,203
Location
Boyo
Could the club get hit by a potential fine as per GDPR standards if its proven adequate defence systems were not in place?
 

decorativeed

Full Member
Joined
Oct 19, 2009
Messages
12,328
Location
Tameside
Sounds like probably ransomware attack of some kind. Probably entry via email or similar.
Bingo. That's what it appears to be (at least according to the people I know who work there). A similar thing happened at my workplace, it wasn't targeted, and was caused by someone very naively opening a pdf 'invoice' from an unknown sender. I'd be surprised if it were a direct hacking attempt.
 

klayton88

Full Member
Joined
Jun 23, 2015
Messages
4,267
Luckily Phil Jones was our first line of defence and the threat is now contained.
 

BFernandes

New Member
Newbie
Joined
Oct 12, 2020
Messages
858
Location
Groom Lake
This is a sign.

For the past month I've been considering a career change to cyber security, have been umming and arhing, now this.
 

UmbroDays

Full Member
Joined
Aug 12, 2019
Messages
738
Could the club get hit by a potential fine as per GDPR standards if its proven adequate defence systems were not in place?
GDPR mostly involves personal data. So depending what this attack resulted in, they wouldn’t be.
 

Cloud7

Full Member
Joined
Jan 11, 2016
Messages
12,776
With how badly run the club is, I wouldn't put it past them to somehow be at fault for this.
This comment reminded me of that story about Arsenal doing an internal audit to find out how Pepe was signed for so much money :lol:
 

tenpoless

Full Member
Joined
Oct 20, 2014
Messages
16,176
Location
Fabinho's forehead
Because if they don't announce it and loads of personal info gets stolen and they said nothing, they'd be in deep shit.

At least now everybody can change their passwords or lock their credit cards etc, they've had warning.
Ah, one of them indirect warnings. Makes sense.
 

Needham

Full Member
Joined
Dec 7, 2013
Messages
11,747
I remember seeing a cyber security job for us a few months back.
It’s my field of work and wanted to move from London for the job but the Mrs wasn’t haven’t it:nono:
Just one more file in the backlog of lifetime resentment you'll have against her.
 

mitchmouse

loves to hate United.
Joined
Oct 8, 2014
Messages
17,361
I can only presume that Ed Woodward is our cyber security officer :wenger::lol:
 

Prodigal7

Full Member
Joined
Mar 29, 2015
Messages
2,227
Location
Daenerys' pants
It sounds like United had pretty good safeguards in place, but without those they could feasibly get all of our credit card details.
You’ve obviously got an insight into cyber attacks. What would you imagine the most likely purpose of an attack would be on the club? Customer‘s financials? Confidential club info? Or is a cyber attack too broad a description to decipher?
hard to say really but I think it’s likely to be after the high level emails/files from the likes of Woodward that talk about the clubs strategy ie plans for a European super league, project big picture etc. We are effectively deciding the future of world club football at the moment and this would be of interest to nations, governments and football clubs. I doubt in this case it would be done to obtain customer details.

these sophisticated organised attacks as described by the club are often nation state sponsored and it would not surprise me if Qatar and/or the UAE or others are behind it at arms length so it can’t be tracked back to them, given the implications for their investments. The Chinese do this all the time.

I’d be interested to see how they did it. It’s not like the movies where someone types really fast on a laptop and suddenly they’re in to the whole network. If the safeguards really are as good as the club says then there will have been months of probing and moving across machines to find the right privileges to get access to data. The only way to combat against it is to surface the attack before they get to machines/permissions in the network (like Woodies laptop) and isolate the infected devices before it’s too late.

edit: rumours are that it was a THIER ransomware that someone clicked on. Unclear what this means. I imagine it will be all hands to pumps to figure out what was actually taken. It can be difficult to tell especially early on and many ransomware attacks can blag their way to money even when they haven’t got the full amount of data they claim to have.
 
Last edited:

Lentwood

Full Member
Joined
Jan 2, 2015
Messages
6,783
Location
West Didsbury, Manchester
The club are likely trying to get ahead of the story and downplay the severity of the attack but be under no illusions that the club will be absolutely sh***ing themselves now and it will be all hands on deck for the next week/two weeks whilst they try and undo whatever damage has been done.
 

Catt

Ole's at the wheel!
Joined
Mar 10, 2013
Messages
27,532
Location
Norway
This comment reminded me of that story about Arsenal doing an internal audit to find out how Pepe was signed for so much money :lol:
Haha, it had to be said. I was joking if it wasn't obvious :lol:
 

mu4c_20le

Full Member
Joined
Jul 7, 2013
Messages
42,729
I guess its a bit late but I was hoping this would explain why we paid over 80M for maguire
 

Web of Bissaka

Full Member
Joined
Feb 20, 2017
Messages
8,553
Location
Losing to Comeback Winning!
Let's blame lack of preseason preparations, international football and fatigue oh wait-

Great defense, and counter-attacking.
The club have been preparing all along for this, very good contingency plan.
Club Statement said:
Although this is a sophisticated operation by organised cyber criminals, the club has extensive protocols and procedures in place for such an event and had rehearsed for this risk. Our cyber defences identified the attack and shut down affected systems to contain the damage and protect data.
Well done. If true
 

UmbroDays

Full Member
Joined
Aug 12, 2019
Messages
738
What do you get out of hacking a football club?
Trust me, this isn't even that bad. During COVID there was a sharp rise in ransomware hitting hospitals, US counties, etc.

Most times its financially motivated, which I think this situation is. Encrypt everything, and offer a decryption for about £1m. On the other hand you have more destructive GeoPolitical objectives such as NK attacking Sony or Sandworm (Russian) attacking Maersk.

Seen and dealt with ransomware before, but not since it took a much more organised crime stance turn recently
 
Last edited:

Brophs

The One and Only
Joined
Nov 28, 2006
Messages
50,275

The sensitive data can’t be Ashley Young wanking on a webcam as that’s already out there.
 

Green_Red

New Member
Joined
May 29, 2013
Messages
10,296
Its probably a ransomware attack. But credit card details of fans, access to clubs finance details, wage bill etc, a whole load of confidential emails etc. Could be quite damaging to the club...
Good shout actually.
 

Solius

¯\_(ツ)_/¯
Staff
Joined
Dec 31, 2007
Messages
86,292
As far as I know nobody has ever really gotten out of this kind of thing without actually paying up?