Case Study

Supreme Committee for Delivery & Legacy defends World Cup Qatar 2022 against cyberthreats with Palo Alto Networks Unit 42


The Supreme Committee for Delivery & Legacy was responsible for the infrastructure and operations of the World Cup Qatar 2022. It collaborated with Palo Alto Networks Unit 42 to assess and test their stadium cybersecurity controls and ensure the stadium security strategy adopted a threat-informed approach before and during the games. Unit 42 helped Supreme Committee for Delivery & Legacy ensure millions of fans, players, and staff enjoyed the world’s most spectacular soccer competition with pride and confidence.


In brief

Customer

Supreme Committee for Delivery & Legacy

Organisation Size

Eight stadiums, 1.5 million visitors and watched by five billion people

Featured Products and Services

Hosted operations for World Cup Qatar 2022

Industry

Sport


Challenges

The World Cup Qatar 2022 faced a rapidly growing and fast changing threat landscape. The challenge was to ensure a global audience could attend the World Cup Qatar 2022 stadiums with confidence.

Requirements

  • Leverage intelligence to prevent, detect, and respond to cybersecurity events, thereby eliminating risk.
  • Monitor all resources, including third-party technologies, OT, and IoT, to combat growing volume and sophistication of attacks.
  • Ensure tournament defences are equipped to identify and combat every threat.

Solution

Palo Alto Networks Unit 42 for Threat Intelligence, Threat Hunting, Security Risk Assessments, and Incident Response.

Download PDF Share

The world’s largest sporting event

Argentina’s nail-biting penalty shoot-out victory over France at the Lusail Stadium in December 2022 brought the curtain down on a phenomenally successful World Cup Qatar 2022. More than 1.5 million fans attended and five billion watched the showcase tournament in the Middle East.

The Supreme Committee for Delivery & Legacy was established by the State of Qatar in 2011 to deliver this global sporting event, which included provisioning and operating the event’s eight stadiums, infrastructure, accommodation, and transport.

That focus extended to the tournament stadiums’ state-of-the-art cybersecurity infrastructure, spanning everything from over 80,000 endpoints and stadium Wi-Fi, to internet of things (IoT), industrial control systems, and more. Supreme Committee for Delivery & Legacy’s primary goal was to set a new standard in World Cup infrastructure – at every level. And it was a goal the Supreme Committee for Delivery & Legacy embraced with enthusiasm.

The Supreme Committee for Delivery & Legacy took the early decision to standardise on the comprehensive, unified Palo Alto Networks portfolio to underpin stadium cybersecurity at World Cup Qatar 2022. The portfolio spanned network, endpoint, and cloud security to drive simple, automated, and intelligent cybersecurity.

The global scale of the event made it a high priority target for ransomware, state-sponsored attacks, and threat actors looking to disrupt the games. The Supreme Committee for Delivery & Legacy needed a trusted advisor to help assess and test these security controls and ensure the stadium security strategy adopted a threat-informed approach to be ready for any attempt to disrupt the experience. Moreover, in the unlikely event of an incident occurring during the tournament, to have cybersecurity experts ready and available to respond to any threat, in record time, and contain the incident.

“As the host of the World Cup Qatar 2022, this was a unique opportunity for Qatar to showcase innovative, integrated security technologies across our stadiums, to deliver a safe, smart, and exciting tournament,” says Niyas Abudlrahiman, Executive Director – Tournament ICT, Supreme Committee for Delivery & Legacy. “Our overriding priority was to partner with experts and respond with confidence should anything happen. Ultimately, we wanted to proactively manage and be prepared for every type of cyber risk and minimize that risk at our stadiums before it could disrupt the customer experience.”


quote

As the host of the World Cup Qatar 2022, this was a unique opportunity for Qatar to showcase innovative, integrated security technologies across our stadiums, to deliver a safe, smart, and exciting tournament.

–Niyas Abudlrahiman, Executive Director – Tournament ICT, Supreme Committee for Delivery & Legacy

REQUIREMENTS

Protect tournament from cyberattacks

The Supreme Committee for Delivery & Legacy identified several key requirements for the Qatar World Cup 2022 stadium cybersecurity operations strategy:

  • Ensure the World Cup 2022 stadium defences are equipped to identify and combat real threats.
  • Leverage intelligence to prevent, detect, and respond to cybersecurity events, thereby eliminating risk.
  • Analyse all resources, including third-party technologies, to combat a growing volume and sophistication of attacks.

SOLUTION

Trusted, strategic cybersecurity advice

The Supreme Committee for Delivery & Legacy partnered with Unit 42 to provide strategic analysis and guidance on its cybersecurity strategy and incident response plan. A team of Unit 42 threat researchers, incident responders, and security consultants worked collaboratively with the Supreme Committee for Delivery & Legacy to assess and test security controls across three dimensions.

  • Unit 42 Compromise Assessment: A 15-strong Unit 42 team proactively searched for historical and ongoing indicators of compromise to discover if any previously undetected malicious activity had occurred. The collection and analysis of data at scale underpinned a deep dive into any impacted systems, with defences being strengthened where necessary.
  • Unit 42 Security Program Design and Review: Unit 42 helped Supreme Committee for Delivery & Legacy assess, identify and prioritise their risks unique to the Games across the stadiums covering people, process and technology to build a strategic roadmap to guide security program goals, objectives and projects to discover potential compromises, understand the impact, and provide mitigation recommendations. Data mining, for example, was used to quantify sensitive data at risk as a result of a data breach, including personal health information (PHI), personally identifiable information (PII), payment card industry data (PCI) data.
  • Incident Simulation and Testing: Unit 42 performed penetration testing and Purple Team exercises to simulate real-world attack scenarios unique to the World Cup Qatar 2022 stadiums. By mirroring the latest tools and tactics used by threat actors and Unit 42 Threat Research, the 15-strong team of experts was able to test, detect, and eliminate any existing vulnerabilities. This included IoT security cameras and digital stadium signage. Three types of penetration testing were typically performed: an external user with no footprint, a low privilege user, and a user with complete access attempting to compromise the systems. Purple Team Exercises were also undertaken to identify alerting gaps, tune defences, and enhance security operations best practices.
  • Incident Response: Staying ahead of advanced threats required Supreme Committee for Delivery & Legacy to partner with an elite incident response team with access to world-class threat intelligence in the event of a cyber incident. Unit 42 Incident Response experts worked with the Supreme Committee for Delivery & Legacy team to be ready for and understand the nature of the attack and then quickly contain, remediate and eradicate it using a proven methodology and battle-tested tools developed from our real-world experience investigating thousands of incidents.

According to Kamran Shah, Manager, Information Security, Supreme Committee for Delivery & Legacy, “Threat intelligence is embedded throughout the Palo Alto Networks portfolio. The experienced team from Unit 42 worked as one to help design, build, and operate the World Cup Qatar 2022 stadium cybersecurity program. Palo Alto Networks experience, expertise, and technology played a vital role in the delivery of a robust and resilient security architecture and strategy across the stadiums to ensure a smooth delivery of tournament. Palo Alto Networks was one of the most important partners for World Cup Qatar 2022.”


quote

Threat intelligence is embedded throughout the Palo Alto Networks portfolio. The experienced team from Unit 42 worked as one to help design, build, and operate the World Cup Qatar 2022 stadium cybersecurity program.

–Kamran Shah, Manager, Information Security, Supreme Committee for Delivery & Legacy

BENEFITS

Respond with confidence. Partner with experts

Unit 42 consultants served as trusted advisors to the Supreme Committee for Delivery & Legacy both in the years building up to the World Cup Qatar 2022 and during the tournament.

Niyas Abudlrahiman comments, “Undoubtedly the greatest accolade we can pay to Unit 42 is the fact that World Cup Qatar 2022 stadiums were robust and resilient to cybersecurity threats. The same is true of the preceding Arab Cup 2021, which Unit 42 also supported.”

  • Delivered proactive, long-term resilience: Unit 42 continuously validated the World Cup Qatar 2022 stadium defences against the changing threat landscape. This enabled the team to understand where risks resided, and proactively adjust the cybersecurity strategy accordingly.
  • Provided comprehensive monitoring across complex, end-to-end infrastructure: Unit 42 monitored and assessed more than 30 technology vendors. This ranged from the network, endpoints, and cloud, to thirdparty systems such as elevators, turnstiles, digital screens, and fire alarms.
  • Enabled seamless security integration: Unit 42 connects seamlessly with Palo Alto Networks powerful portfolio of technology-enabled threat prevention, detection, and incident response solutions, ensuring seamlessly connected threat intelligence and instant response to incidents.
  • Ensured agile innovation and advanced technology: Unit 42 leveraged its combined research, development, and creativity into solving the unique cybersecurity challenges surrounding World Cup Qatar 2022. For example, cloud-native computing and machine learning AI enabled Unit 42 to respond immediately and at scale to events.

“Unit 42 provided World Cup Qatar 2022 stadiums with complete cybersecurity services,” says Niyas Abudlrahiman. “Their security consultants used their experience and expertise to focus assessments and prioritise recommendations based on attacks they see affecting organisations day in, day out. This continuous flow of real-time threat intelligence mitigated cyberthreats and helped deliver a highly successful tournament.”


quote

Undoubtedly the greatest accolade we can pay to Unit 42 is the fact that World Cup Qatar 2022 stadiums were robust and resilient to cybersecurity threats.

–Niyas Abudlrahiman, Executive Director – Tournament ICT, Supreme Committee for Delivery & Legacy

To learn more about Unit 42 visit here. To stay up to date with the latest threat intelligence and research visit Unit42.com. Read how the full Palo Alto Networks portfolio enabled Supreme Committee for Delivery & Legacy to safeguard World Cup Qatar 2022 stadiums. Discover how the Cortex platform became the central nervous system of the stadium Security Operations Centre.