THE 2026 FIFA World Cup presents heightened cybersecurity risks as threat actors target attendees and event operations across the US, Canada, and Mexico. Flashpoint research indicates a complex threat landscape, including physical security concerns and cybercrime focused on monetizing through ticket fraud, phishing, ransomware, and DDoS attacks. Thousands of fraudulent domains impersonate FIFA services, and the event could serve as a platform for hacktivist and state-aligned groups aiming for publicity.
Experts advise pre-event threat hunting and maintaining a baseline of network behavior to enhance security. Challenges also include the risk of lateral movement through unsecured network connections.