A well-known Scottish football club recently faced an alarming surge in electricity costs that raised significant concerns among the management team. Their electricity bills soared to £20,000 per month—substantially higher than in previous years. Initially attributing the increase to the rising cost of living, the management believed it was a temporary situation. However, as months passed without relief, they began implementing cost-cutting measures by switching off machinery and unplugging equipment each evening. Despite these efforts, there was still no noticeable reduction in their electricity bills.

During an external vulnerability assessment conducted by Cyber Regiment’s Recon software for another football club client, the team identified a small vulnerability that was linked to the struggling football club. The findings strongly indicated that there was something amiss with the club's forward-facing infrastructure, which could pose a security risk not only to themselves but also potentially endanger the operations of our other client.

Recognising the potential threat, Cyber Regiment reached out to the Scottish football club and offered to conduct a comprehensive review of their cybersecurity posture. This initiative aimed to uncover any underlying issues contributing to their excessive energy consumption and overall security vulnerabilities.

Upon commencing the review, the Cyber Regiment team thoroughly assessed the club's IT infrastructure and operational systems. It quickly became apparent that cyber actors were exploiting the club’s resources to mine cryptocurrency. This illicit activity was generating a significant spike in electricity consumption, as the cybercriminals used the club's servers and network for their mining operations without detection.

Cyber Regiment intervened with tailored strategies to address the security threats the club faced. We immediately notified the club's management about the cybersecurity breach and ongoing cryptocurrency mining activities, enabling swift action to mitigate further risks. Our team collaborated with the club's IT department to isolate the affected systems by identifying and cutting off unauthorized access points.

We provided a detailed report outlining vulnerabilities and recommendations for patching them to strengthen their security posture. Additionally, we assisted the club in implementing robust cybersecurity measures, including network segmentation, enhanced firewalls, and intrusion detection systems.

To detect unusual spikes in power usage linked to suspicious activity, we also advised on energy monitoring solutions. Furthermore, we established a framework for ongoing monitoring and support, including regular vulnerability assessments and employee training to bolster cybersecurity awareness.

Thanks to our intervention, Cyber Regiment eliminated the unauthorised mining activities, significantly reduced the football club's electricity bills, and restored the integrity of their IT systems. They regained control over their systems and onboarded the Battalion SecOps platform to help effectively monitor their network activities.

‍

‍