Man Utd have ‘set the bar’ in their rapid response to cyber attack, says expert

Manchester United seem to be ahead of the curve in detecting computer hacking, according to a cyber security expert who urged the club to share details of the attack on their systems with Premier League rivals.

United confirmed on Friday evening they were victims of a hack described as “a sophisticated operation by organised cyber criminals” but are currently unaware of a breach of personal data associated with fans and customers.

The club revealed their “cyber defences identified the attack and shut down affected systems” which meant that club media channels, including their website and app, were not impacted.

Manchester United
Manchester United

Police say they are investigating the incident.

Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Centre, believes cyber crime has been on the rise in recent years and praised United’s anticipation of such an event.

He told the PA news agency: “Unlike many organisations, it definitely appears Manchester United has a very well-formed, well thought out incident response programme.

“That’s one of the key elements that businesses don’t necessarily invest in that they ought to. The fact they can detect it this quickly, that’s a positive.

“Too often we hear stories of a cyber attack that occurred months ago and they’re now detecting it today. Manchester United being able to recognise this as quickly as they’ve done is fantastic.”

United say they have informed the Information Commissioner’s Office, as required, while forensic tracing is being carried out in a bid to establish further detail about the attack.

Asked what purpose the hackers have, Mackey said: “I’d like to say the attackers define the rules of their attack.

“For some attackers, it’s simply mischief, for others it is a financial motivation, or to actively disrupt the operations of a business and for others it is simply to exploit individuals.

“More often than not, it’s very much a criminal enterprise. There are on occasion lone individuals who are doing this but the bulk of cyber attacks today are organised crime.

“Anecdotally, I’ve seen a significant increase over the last two, three, four years and a slight shift in attack priorities since we’ve gone into pandemic lockdowns, working from home scenarios and things of that nature.

“One of the biggest challenges organisations of all stripes face is the level of attacks are becoming increasingly sophisticated and so it is a game of cat and mouse when it comes to how far ahead of an attack you can get.

“Understanding what the potential valuable assets within a business are, that’s one of the key elements that most organisations really need to be investing in as part of their incident response plan.”

Mackey believes United, if they have not started to do so already, should get in touch with other top-flight clubs and share of information of the experience so they can all safeguard against future cyber crime.

Mackey added: “One of the things I usually encourage organisations to do is to provide some details of how the attack transpired.

“I think this is a fantastic opportunity for all clubs to go and investigate the level of incident response and what their potential ability to identify a threat that might be in progress is.

“Manchester United has set the bar for how quickly to respond, how are other clubs able to at least achieve parity with what Manchester United has been able to demonstrate they can do?

“If I were a club owner, that would be one of the first conversations I would be having with my security teams.”