A detailed threat assessment of the 2026 FIFA World Cup's cyber attack surface, covering three primary risk drivers: Iran-nexus operations (Handala Hack Team, CyberAv3ngers targeting OT/PLCs), Russia-nexus hacktivism (NoName057(16) DDoS campaigns), and financially motivated cybercrime (ticket fraud, hospitality ransomware, QR-code scams). The analysis draws on precedents from Paris 2024, Pyeongchang 2018, and Qatar 2022, and provides a prioritized threat matrix alongside concrete recommendations for tournament organizers, host-city utilities, hospitality operators, sponsors, and fans. Key concerns include wiper attacks against venue IT, OT disruption at municipal water/energy infrastructure, and large-scale fan-targeting fraud across 16 host cities in three nations.
Table of contents
Cybercriminal Threats to Fans and the Tournament Supply ChainGeopolitical Threats: Iran-Nexus and Disruptive HacktivismTemporary Multi-City Tournament InfrastructureImpact on Municipal, State and Federal InfrastructureRecommendationsFinal ThoughtsSort: