Odds favor Super Bowl cyberattacks, security expert says

The Super Bowl presents a ripe target for cybercriminals intent on maximizing the impact of their scams, and the biggest question at this time – aside from which team will win the big game – is what form these attacks will take.


Dan Hubbard, vice president of security research at Websense, told today that the most likely form of attack to materialize in the run-up to the Feb. 3 clash between the New England Patriots and New York Giants will be botnet-generated phishing emails delivered in messages with Super Bowl-related subjects.


The perpetrators behind the notorious Storm Worm trojan and botnet have unleashed several waves of holiday-inspired bogus email messages recently, and they may not be able to resist the ultra high profile offered by the NFL's championship game, he noted.

Additionally, Hubbard said, a number of domains with Super Bowl-related URLs have been registered, but the destination sites for these URLs have yet to materialize – raising the possibility that a number of malware-infused sites will pop up in the next few days hoping to snare fans googling myriad Super Bowl sites.

While Super Bowl-related phishing emails and bogus game sites containing malware may be inevitable, perhaps the ripest potential targets are the largest legitimate Super Bowl websites – like the official game site ( and the Patriots' website, which now are notching millions of visits per day.

Last year, the website for Dolphins Stadium, which hosted Super Bowl XLI, was victimized when a JavaScript-enabled trojan was inserted in the homepage for the site.

Hubbard told that the increased sophistication and interactive functionality of the major Super Bowl websites also may have increased the vulnerability of these sites.


“These official sites are constantly adding bells and whistles, including functions that encourage users to contribute content. These features are going up so quickly, essentially they are in beta and released at the same time,” he said, adding that Super Bowl site managers must be constantly vigilant in scanning their sites for vulnerabilities, keeping pace with would-be hackers who no doubt are doing the same thing.


Websense Security Labs was in the forefront of the discovery of the hack of the Dolphins stadium and team websites. A JavaScript-enabled trojan, attempting to exploit vulnerabilities in Internet Explorer's handling of vector markup language, was inserted in the sites' homepages, enabling hackers to steal information from visitors for several hours before alerts were issued.

Websense's Threatscanner system detected the malicious code and automatically generated a warning telling users to stay away from the Dolphins' site, Hubbard said. When a Websense customer asked the internet security firm to explain the warning, Websense posted an alert and notified Dolphins Stadium officials, who in turn notified the FBI.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.