What It Takes to Deliver a Tech‑Heavy World Cup

How are critical infrastructure in stadiums and host cities protected from increased threats?

Being in the global spotlight comes with serious cybersecurity risk to the critical infrastructure that makes the tournament possible.

Risks span the power grid serving the stadium, water and sanitation for fans, transportation networks, telecommunications for broadcasts and payments, and emergency services.

“The concentration of visitors, money, and media attention will create an unusually appealing window for attackers seeking disruption, ransom, or global publicity,” Associate Professor Saman Zonouz said. "A successful strike during a match could endanger public safety, paralyze the city, and embarrass the host on the world stage.”

Zonouz's Cyber-Physical Security (CPSec) Lab develops technologies that help protect these critical systems during large events.

Their work includes physics-aware AI systems that flag cyber attacks by identifying commands that make no physical sense. This compliments the team’s efforts to expose vulnerable devices before attackers do.

“Many of the programmable logic controllers (PLCs) that run physical equipment are actually unintentionally reachable from the open internet,” Zououz said.

The lab's PLCHound algorithm uses AI to identify exposed PLCs across the internet, revealing far more than previously known, including devices in airports, hospitals, and government systems.

Another research angle being utilized is realistic decoy systems, or "honeypots," that mimic real control systems to draw attackers out and expose their tactics before they reach actual equipment.

“The honeypots essentially turn an attacker's own reconnaissance against them,” Zonouz said.

Put together, this research helps critical systems detect, withstand, and quickly recover from a cyber strike, the kind of resilience a host city needs when the whole world is watching.