Eurovision faces heightened cyber risks


Eurovision has said it was closely working with security teams to protect the world’s largest music competition from cyber attacks amid warnings of increased risks.

The 68th Eurovision Song Contest has kicked off in the Swedish city of Malmö amidst increased security concerns fuelled by geopolitical tensions, including Israel’s assault on Gaza and Russia’s war in Ukraine.

As one of the world’s most watched non-sporting events – 162 million people tuned in to see the live broadcast last year – it is also a prime target for threat actors posing both conventional and cyber risks.

ADVERTISEMENT

Cyber threats vary from lower-impact distributed denial-of-service (DDoS) attacks to potentially extremely damaging “hijacking” of the broadcast, according to the 23-page-long intelligence report released by the Swedish police last week.

Cybersecurity experts note the voting system could be a potential target, especially during Saturday’s grand finale, while Malmö police chief Petra Stenkula told the Swedish broadcaster SVT that disinformation was one of the biggest concerns.

SVT is hosting this year’s Eurovision, which is organized by the European Broadcasting Union (EBU). The event’s representatives said they were aware of the risks and had taken the necessary steps to address them.

“We are working closely with SVT's security team and the relevant authorities and expert partners to ensure we have the appropriate measures in place to protect from such risks,” the song contest’s spokesperson said in an email.

They said that Eurovision's partner responsible for the voting, the Germany-based firm Digame, undertakes “great efforts” to protect the competition’s voting system. “However, we can’t divulge any information about the measures and processes that are implemented to safeguard the public vote,” the spokesperson said.

Ron Meyran, the head of cyber intelligence at cybersecurity firm Radware, said network operators should be “particularly concerned” about protecting broadcast networks, streaming services, voting platforms, ticketing operations, control systems, and other related infrastructure.

“When successful, these types of threats can easily result in reputational loss and the promotion of political propaganda at an event that was created to unite people through music and art,” Meyran said.

Overall security has been tightened in Malmö, where some 100,000 visitors were expected for the Eurovision Song Contest, and the largest-ever police operation in southern Sweden was set in motion, including reinforcements from neighboring Denmark and Sweden.

ADVERTISEMENT
malmo_arena_0508
Eurovision arena in Malmö, Sweden. Image by Atila Altuntas/Getty Images

Mix of threats

While the police said there were no specific threats to Eurovision, Sweden has been on a terror level four out of five since August last year. The threat level was raised to “high” following a spate of Quran burnings in the country that angered the Muslim community.

Sweden was a “priority target” for violent jihadist groups, according to the police threat assessment for Eurovision.

The EBU’s decision to allow Israel to participate in Eurovision has led to ire in some circles, with detractors accusing the organizers of double standards after Russia was banned from the competition in 2022 following its full-scale invasion of Ukraine.

The organizers said the situation between Russia and Israel was different and Eurovision was a “non-political event.”

In turn, Israel agreed to change its original entry called “October Rain” – widely interpreted as a reference to the October 7th Hamas attacks – into a more neutral “Hurricane” following a backlash.

The cybersecurity advisory released by Radware said Eurovision could be targeted by pro-Palestinian hacktivists but also by Russia-linked threat actors over Sweden’s support for Ukraine and the fact it has recently joined NATO.

“With attackers leveraging new tools and generative artificial intelligence to automate attacks, it has become increasingly easier for cybercriminals and even average citizens to carry out disruptive attacks,” the advisory read.

“Toolkits, attack services and initial access are widely available for download or purchase across the internet and – as a result of the growing cyber conflict between Russia and the rest of the world – attack techniques have improved,” it said.

ADVERTISEMENT

In addition to cyberattacks, the Swedish police also cited general disruption and unrest as potential risks for Eurovision.

On Saturday, a large protest demanding Israel’s removal from the contest is planned in Malmö, which is home to large Muslim and Palestinian communities. There are also calls to boycott Eurovision itself over its stance on Israel.

eurovision_protest_0508
Protest against Israel's participation in Eurovision in Stockholm. Image by Atila Altuntas/Getty Images

High-profile targets

Cyberattacks are the “main worry” for organizers of Eurovision, the UK’s national broadcaster BBC said last year when it hosted the event in Liverpool on behalf of Ukraine. Ukraine could not host the event itself due to the ongoing Russian invasion.

The Ukrainian folk-rap band Kalush Orchestra won the 2022 contest in Turin, Italy, which pro-Russian hacker group Killnet tried and failed to disrupt by launching a DDoS attack on the voting system. The Italian police said it had blocked its infiltration attempts.

In 2019, hackers managed to disrupt the online stream of the Eurovision semi-finals in Israel by inserting warnings of a missile strike and images of blasts in Tel Aviv, the host city. The Israeli government blamed the incident on Hamas.

Other high-profile entertainment and sports events will be facing an increased risk of cyberattacks this year. The Paris 2024 Olympics is getting ready for “unprecedented” cyber threats, its organizers said.

Organized crime, activists, and state actors will be the main source of risks during the games later in the summer, they said.

They also said Paris 2024 was working “hand in hand” with the French National Agency for Information Security (ANSSI) and cybersecurity companies Cisco and Eviden to limit the impact of these potential attacks.

ADVERTISEMENT

Well-known European film festivals, including the Cannes Film Festival opening next week on May 14th, could also pose opportunities for threat actors.

The effects of AI-generated content, an emerging threat, were already put on display earlier this week when hyper-realistic fake pictures of singers Katy Perry and Rihanna at the Met Gala went viral, despite neither actually attending the New York’s premier fashion event.