Global sporting events are increasingly vulnerable to cyber attacks designed not just to disrupt systems, but to undermine trust at scale.
A King's Business School cyber security expert says the 2026 tournament, spanning the US, Canada and Mexico, presents a uniquely attractive target for hacktivist groups and state-linked actors.
Dr Aybars Tuncdogan says the combination of global visibility, concentrated infrastructure and cultural significance makes the World Cup unusually exposed:
"It's a large spectacle. Everybody's watching it. If you affect one system, you can have a wide-scale impact. It becomes almost like a temporary single point of failure."
Speaking on the Office Hours podcast, he explained that modern hacktivism is no longer driven by loosely organised groups, but is often tied to political or geopolitical agendas.
"If you disrupt something like the World Cup, you are not just affecting a system. You are affecting a cultural ritual," he said.
Dr Tuncdogan identified two main types of actors: large-scale networks of participants carrying out attacks such as distributed denial-of-service campaigns, and smaller, highly sophisticated groups with access to advanced cyber capabilities.
He added that geopolitical tensions are increasingly shaping cyber activity, with major powers using attacks to expose weaknesses in rival systems and influence global narratives.
"Every kind of weakness shown can become part of a broader narrative," he said.
Advances in artificial intelligence are accelerating the threat. AI tools can automate phishing campaigns, generate highly convincing fake communications and lower the barrier to entry for less experienced attackers.
Dr Tuncdogan warned that despite the focus on advanced threats, many vulnerabilities remain basic.
"Most of the time, attackers are focusing on low-hanging fruit," he said, noting that simple failures such as weak passwords or poor system management still account for a large share of incidents.
However, he warned that focusing only on the basics is not enough. His research highlights the need for what he calls "ambidextrous cybersecurity", balancing routine defensive measures with proactive efforts to identify new and unexpected attack paths.
"Balancing execution and discovery is essential," he said.
The challenge is compounded by the complexity of the World Cup itself. Rather than a single system, the tournament relies on interconnected networks including ticketing platforms, stadium infrastructure, broadcasters and third-party suppliers.
"The system we are looking at is not one unitary system. There are many different elements, and all of them need to be protected," he said.
While attacks may achieve tactical success, Dr Tuncdogan said their longer-term strategic impact remains uncertain.
But as global events become more digitally connected, he argues the stakes are shifting.
The risk is no longer just disruption. It is whether audiences can trust what they are seeing at all.
Listen to the full episode, Is the FIFA World Cup safe from hacktivists?, wherever you get your podcasts.
