FIFA World Cup 2026: A warning of large-scale cyberattacks

The world's largest football tournament, the FIFA World Cup 2026, has officially kicked off, drawing the attention of millions of fans globally. However, behind the excitement of the high-stakes matches, cybersecurity experts are issuing urgent warnings that the tournament has become a prime target for cybercrime campaigns and sophisticated security threats.

A matrix of malicious domains and attack tactics

Researchers have pointed out that since the beginning of this year, cybercriminals have already set up a massive attack infrastructure. As of now, more than 10,000 fraudulent domains related to the World Cup have been registered.

Instead of merely targeting traditional websites, threat actors are leveraging platforms like Discord, WhatsApp, and Telegram to distribute malware. Through enticing social media posts, they lure users into clicking malicious links or falling victim to phishing schemes designed to steal personal and financial information. It is not just fans who are at risk; organizing committee staff are also being targeted through fake recruitment pages or malicious PDF documents disguised as employee handbooks.

Geopolitical threats

Beyond financial gain, experts emphasize the risks posed by state-sponsored or government-affiliated hacking groups. Although no specific incidents have been recorded yet, the likelihood of Distributed Denial of Service (DDoS) attacks - which overwhelm systems to disrupt services - or attacks targeting critical infrastructure remains high.

Notably, amid ongoing geopolitical tensions involving the U.S., threat activities targeting public utility providers and energy infrastructure have seen a recorded increase since the beginning of the year. These are prime targets that attackers could exploit to disrupt the tournament.

Preparedness of authorities

In response to this complex landscape, the Cybersecurity and Infrastructure Security Agency (CISA) is collaborating closely with federal and international partners to tighten security, covering both cybersecurity and physical security.

Protective measures extend beyond safeguarding FIFA's websites against spoofing - which the FBI had warned about since May - to conducting risk assessments at the 10 host stadiums, hotels, and event support hubs. Insights gained from providing technical support during the Winter Olympics in Italy and recent large-scale security drills serve as a foundation for authorities to tackle challenges throughout this 39-day tournament.

The World Cup 2026 is not only a test of sports organization but also a grueling cybersecurity battleground. With a scale of 104 matches across three nations, fan vigilance and close coordination among specialized units will be key factors in ensuring a safe and successful tournament.