26 minutes agoScandal in World Cup: A hacker entered FIFA's system, managed to turn off cameras and change the result
Periskopi(2 hours ago)
(2 hours ago)The cybers expert discovered a serious flaw in FIFA's internal platforms that allowed access to match transmission management and confidential data without any authorization control.
As the World's largest football Cup is under way in the United States, Canada and Mexico, the world's leading football organisation, FIFA is facing possible security problems that have been detected in the first week of the race.
A security researcher and ethical hacker, who is known as BobDaHacker, discovered a critical weakness in the organisation's digital infrastructure.
In all, it was found that through a publicly available portal for recording football agents, access can be taken to FIFA's Microsoft Entra system, which unites a number of their internal platforms.
Although the app interfaces displayed a message of denial of access, it seemed that the background systems did not control the user's authorization, which in turn allowed unhindered access to very sensitive data.
The violation allowed access to the broadcast control panel of all World Cup matches, including access to direct transmission links and the opportunity to control cameras.
In addition, access to a platform that collects data on real-time soccer matches, a system for commentators, as well as confidential internal documents was open.
The system even allowed anyone identified in that way to change match data, which would directly affect the information systems used by TV commentators during broadcasts.
The flow was soon fixed
The entire process of <x0haction", namely gaining unauthorized access to FIFA critical systems, is documented in the blog BobDaHacker. Along with a description of the process and evidence for its claims, the hacker also states that reporting this weakness was extremely difficult due to FIFA's lack of clear communication channels for reporting security violations.
After unsuccessful efforts to contact F IFA was contacted via email and phone, MediaKind, the company responsible for television broadcasting technology, as well as the American Cyber Security Agency (CISA), and recently the FBI.
After all these reports, FIFA corrected the weakness over the next day, preventing unauthorized access to background systems. Despite the rapid reaction, FIFA did not comment on the incident, nor did it officially respond to the reported problem. /Telegraphy/
