Man Utd defence ‘holds firm’ as cyber attackers strike

manchester-united2Manchester United FC’s early season form might have been decidedly hit and miss on the pitch, with the team languishing in mid-table, but the Premier League club’s cyber strategy has been hailed for “setting the bar” after blocking a major online hack attack.

United confirmed the attack late on Friday evening, and officials have insisted that the club is “not currently aware of any breach of personal data” associated with fans and customers.

In a statement, it said: “Manchester United can confirm that the club has experienced a cyber attack on our systems. Although this is a sophisticated operation by organised cyber criminals, the club has extensive protocols and procedures in place for such an event and had rehearsed for this eventuality.

“Our cyber defences identified the attack and shut down affected systems to contain the damage and protect data.”

The club insisted that media channels, including its website and app, “are unaffected and we are not currently aware of any breach of personal data associated with our fans and customers”.

United also said it had informed the Information Commissioner’s Office about the incident and added that forensic tracing is being carried out in an attempt to establish further details about the attack.

Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Centre, praised United’s response. He told PA: “Unlike many organisations, it definitely appears Manchester United has a very well-formed, well thought out incident response programme.

“That’s one of the key elements that businesses don’t necessarily invest in that they ought to. The fact they can detect it this quickly, that’s a positive.

“Too often we hear stories of a cyber attack that occurred months ago and they’re now detecting it today. Manchester United being able to recognise this as quickly as it has done is fantastic. Manchester United has set the bar for how quickly to respond.”

The incident comes as a new survey by Specopssoft.com has revealed that 71% of SMEs admit they do not have a formal plan for dealing with cyber attacks.

Meanwhile, Gartner recently reported that IT spending will decline by 8% this year, dropping from $3.7 trillion (£2.7tn) in 2019 to $3.4 trillion (2.5tn). Within those figures, growth in security and risk management (cybersecurity) budgets has been scaled back, from a projected increase of 8.7% earlier this year to just 2.4%.

Related stories
Blackbaud breach sparks legal threat to UK universities
National Trust among 125 hit by Blackbaud hack in UK
Crisis donors hit as fears grow over Blackbaud breach
Pitney Bowes hit as Maze ransomware strikes again
Ransomware car crash hits digital transformation giant
Half of UK firms would pay ransom to avoid GDPR fine
Over 40% of firms suffered cyber breach in past year
Firms warned over new wave of nefarious cyber attacks