Formula 1, with its high-end tech, has managed to bolster its cybersecurity as they have also been the victim of various hack attacks.
Formula 1 is among the sports that are intensively relied upon technology. Therefore it attacks various cybercriminals and hackers. Mercedes, the most dominant team of the turbo-hybrid era, has been a victim of this vicious cycle.
The attention Silver Arrows fetch from these cyber attackers propels them to build a concrete wall to protect themselves from their digital adversaries.
“The profile of this organisation, the popularity of the sport and the fact that we’ve been pretty successful over the last few years actually acts as a little bit of a target for this type of activity,” explains Michael Taylor, IT director at Mercedes.
Mercedes faces an identical set of attacks from similar sources; most are phishing or ransomware attacks. But the Silver Arrows ought to protect its remote workforce, which can be anywhere around the world with so many races to cover.
“In this hybrid world, a lot of the technology comes out of Formula One and then trickles down into the cars that we drive, so there’s a tremendous amount of technology that’s on the cutting edge that obviously needs to be protected and certainly could be a target for nation-state actors,” says George Kurz, CEO of Crowdstrike, the cybersecurity partner of Mercedes.
How to protect Formula 1 members at team locations?
Most of the cybersecurity firms protect the touring staff, who are generally visiting one country to another in a span of a few weeks, by securing the endpoints- tablets, laptops and phones.
“That’s always an eye opener that always helps raise some inconvenient truths and some questions,” says Taylor. “Endpoints for us are our biggest area of risk because they have a human at the other end of them and most of the risk is inherently carried by humans doing something they probably shouldn’t do or didn’t intentionally mean to do,” Taylor explains.
“The endpoint is an area where we do have control over, but not full control and that’s really the biggest focus for us in terms of reducing the risk opportunity there.”
Many of the applications that assist in protecting F1 teams are cloud-based, allowing Mercedes to secure their endpoints no matter wherever they are in the world.
“Whether in the factory in what we class our protective environment or out in Australia, it’s still the same consistent endpoint protection that we have in place; the fact it’s calling home to a cloud location somewhere in the world massively simplifies the complexity and the challenge for us organisationally,” Taylor explains.
McLare faced an attack
Before last year’s Portuguese Grand Prix, McLaren’s CEO Zak Brawn faced sophisticated phishing attacks, a set of emails he would be expecting to receive. But Brawn never received those emails.
The state of the art cybersecurity protections McLaren applies to the inboxes of all its staff meant it went straight to junk mail and disabled the link.
“In terms of volume of attacks, they’ve definitely got smarter. They’re targeting individuals with phishing and spear-phishing attacks – it’s very targeted, very clever,” says Chris Hicks, group CIO at McLaren.
“It is a cat and mouse game; the attackers will react to your changes, then we react in turn – but I feel like we’re always one step ahead”.