Every year, the Eurovision Song Contest captivates millions of viewers across Europe and beyond, turning a simple music competition into a cultural phenomenon. This popularity extends to various forms of betting, with numerous gambling sites offering odds on Eurovision outcomes. Eurovision has grown from a small song competition into a massive international event, drawing in over 180 million viewers globally. This widespread interest translates into significant betting activity, with people placing bets on everything from which country will win to more niche outcomes like which song will have the most extravagant performance.
This year, a Swedish gambling site protected by Imperva became the target of a cyberattack, timed precisely during the Eurovision semifinals. The attack spanned three days, strategically occurring ahead of and during the song contest on May 7-9.
The attackers employed multiple vectors in their attack, using generic automated tools consistently over the three days. Only the second and third days, coinciding with the Eurovision Song Contest, saw more targeted SQL injection, cross-site scripting (XSS) and remote code execution (RCE) attack attempts. Although this site has been targeted by attacks previously, none have been this extensive. In total, 103,000 distinct IP addresses sent over 2 million malicious requests to the site during the song contest event. The majority of these requests originated from Nessus, a vulnerability scanner, as well as another Ruby based automation tool and various malicious bots.
The targeted cyberattack on the Swedish gambling site during Eurovision highlights the growing sophistication and timing precision of modern cyber threats. This incident underscores the importance of robust cybersecurity measures, especially during high-profile events that can attract increased attention and potential disruption. Continuous monitoring, vulnerability scanning, and timely incident response are critical in mitigating such threats, as well as self-adjusting DDoS protection to minimize downtime. As the cybersecurity landscape evolves, staying vigilant and proactive remains essential in protecting critical infrastructure and sensitive data from increasingly complex and targeted attacks.
Try Imperva for Free
Protect your business for 30 days on Imperva.