In the past few weeks the website Football leaks has been publishing contracts relating to signings and transfers of football players from the world’s top leagues. While some accuse the people behind this page of hacking and document theft, they themselves have assured that they haven’t, in any moment, hacked anyone and that they actually have their own source who provides them with the information.
What’s certain is that when it comes to stealing information from a company, who has it easier than an employee of said company – they have knowledge of the systems, where information is stored, etc. Keep in mind that the majority of security practices are designed to protect a company from an external attacker, via perimeter protection and with an antivirus on the network’s computers.
Football Leaks and EDR protection
However, it isn’t common that they have more advanced security systems such as EDR (Endpoint Detection and Response), which allows them to have total control of what is running on the network, who is accessing certain documents, at what time, and what they end up doing with them. It is obvious that even though they want to invest in security solutions, nobody can guarantee that in no moment will we be compromised.
For this, EDR are the ideal solution – on one hand they offer a greater protection and control as regards what happens on our network, allowing us to know what is happening in real time, and give us valuable information. For example, if we have vulnerable programs – ones that haven’t been updated – that are running. On the other hand it gives us forensic information which allows us to investigate what happened when there is a security breach. This final point is what is really valuable.
Looking back at the case of Football Leaks, where confidential documents have been leaked, we see that these documents are in the possession of the clubs who make the contracts, the players who sign them, and any intermediary. If the clubs had this type of solution, it would be relatively easy to guess who accessed the documents, from where, and if there were any copies made. They could even know if other documents had been compromised.
The value that it offers is clear, however, the majority of companies focus their security spending on preventative measures. This Football Leaks case may just force businesses in this sector (football teams, federations, official organizations, etc.) to go beyond this and adopt the necessary measures to avoid this happening again, as they will have all of the information available should a similar event occur.
These steps aren’t very different to what businesses who already take their security seriously already do, such as banks and energy companies.