With the start of the NCAA March Madness Tournament season, the social and cultural phenomenon has a presence in many workplaces. Up to 80 million tournament brackets are filled out each year, and many employees engage in March Madness-related activities during work hours. Online activity surges surrounding the tournament, and many do not keep their March Madness business entirely separate from their professional devices and accounts.
Bad actors, seeing a spike in internet activity and a highly distracted workforce, consider March Madness a golden opportunity to launch cyberattacks. Leveraging social engineering, spoofed applications, and AI-empowered malware, attackers take advantage of the widespread interest in March Madness to compromise and damage organizations.
Why March Madness Puts Businesses at Risk
The ways in which employees engage with March Madness at work can open organizations up to attacks from various angles. Streaming games, filling out brackets, and participating in office pools can cause employees to be distracted while on the clock, making them less vigilant to attacks. Employee security awareness and vigilance are the strongest defenses against social engineering attacks, and distracted employees are less likely to be on the lookout and able to spot suspicious communications.
On top of employee distraction, March Madness activity can also make organizations vulnerable to attack due to an increase in employees’ personal devices being connected to corporate networks. The rise of Bring Your Own Device (BYOD) arrangements and shadow IT in modern business contexts contributes to this overlap, making it difficult to separate work from March Madness activities. This means that organizations cannot effectively protect against all pertinent threats, as they cannot monitor and defend employee devices or shadow IT.
Cybercriminal Playbook: How Hackers Exploit the Hype
Attackers are always searching for the right tactics and circumstances to make it easier for them to launch more successful attacks for higher payouts. They often make an effort to keep track of events like March Madness with massive online hype they can take advantage of, using the surge in activity and distraction to craft highly effective attacks, including:
- Phishing Attacks: Bad actors send emails and other messages impersonating legitimate figures like tournament organizers, bracket sites, or “exclusive merchandise” offers; they deceive their targets into taking action to further their attack.
- Counterfeit Apps & Websites: Attackers publish fake applications and websites claiming to offer scores, streaming, and betting, which they use to achieve nefarious goals against their targets.
- Unauthorized Streaming Services: Employees sometimes download risky streaming platforms to watch games, putting their devices at risk.
- Ransomware & Malware Infections: Attacks are launched using various tactics to get targets to click on infected links or install malicious software on their devices.
- Social Engineering: Attackers often pose as coworkers in office pool discussions to extract sensitive data or otherwise compromise targets.
AI: The Cyber Offense That’s Changing the Game
In addition to the traditional tactics of spoofing, social engineering, malware, and the like, attackers also seek new technologies and advanced techniques that can enable more sophisticated attacks. In recent years, there has been an increase in the use of artificial intelligence (AI) for a wide range of purposes, and cyberattacks are no exception. Attackers use AI to help enable their attacks to bypass traditional defenses, as well as to automate attacks and increase efficiency.
AI can also be used to craft more effective attacks. Bad actors often use AI-enhanced tools to compose highly convincing and hyper-personalized phishing emails, impersonate executives or celebrities in deepfake scams, and hack the betting market for financial gain. It is estimated that March Madness-related attacks and decreased productivity cost close to $20 billion in potential revenue losses in 2024.
Real-World Consequences: Financial and Reputational Damage
The impacts of attacks capitalizing on March Madness can be far-reaching and vary widely. An attacker can use the opportunity of the tournament season to compromise organizations and their data, devices, systems, and networks. Data breaches can lead to regulatory fines, lawsuits, and the loss of intellectual property and competitive edge. Ransomware can cause operational disruptions and catastrophic financial and data losses.
An organization that becomes the victim of any cyberattack also risks reputational damage and loss of esteem among customers and industry peers. This can cause long-term damage to a brand if the business is unable to regain the trust of its audience and partners. Even if the organization manages to recover from an attack as much as possible, the costs associated with incident response and remediation can set it back considerably.
Defense Strategies: How to Protect Your Organization During March Madness
When it comes to protecting against these attacks, it is important to consider the most common vectors of attack and implement defenses where cyber threats are likely to strike. “Enterprises must take a mobile-first approach to security, ensuring threats are detected in real-time before they impact users or corporate networks,” says Krishna Vishnubhotla, Vice President of Threat Intelligence at Zimperium, a Dallas, Texas, provider of mobile security solutions. “Businesses should implement mobile security that continuously monitors for threats—on and offline—to keep both devices and corporate data safe.”
It is crucial for organizations to maintain a robust security strategy to prevent attacks during March Madness and year-round. Ensuring that employees receive security awareness training is one of the most important steps to protect against the risks of phishing, malicious sites and apps, and other attacks that take advantage of the human element. Other significant steps that organizations should take include keeping all software up to date, implementing strong identity and access management, enforcing multi-factor authentication, monitoring for suspicious activity, and developing incident response plans to prepare for potential attacks.
Don’t Let Your Cybersecurity Be an Underdog
March Madness can provide enjoyment and social connection for many employees, but it is no reason for businesses to be off their defensive game. Solid cybersecurity measures and policies are necessary at all times of the year, but high-activity events like the tournament season can make organizations particularly vulnerable to a range of attacks. Taking proactive steps to establish a strong security strategy can help businesses maintain their safety while allowing employees to have fun with the tournament. Cybercriminals may be in their own championship season, but a strong cybersecurity posture can keep your business out of the headlines.
