Manchester United are being held to ransom for millions of pounds by cyber criminals who have crippled the club’s systems, Sportsmail can reveal.
United have brought in a team of technical experts to contain the potentially ‘disastrous’ attack that was launched more than a week ago.
But it’s understood the hackers still have United in their grip after the National Cyber Security Centre last night confirmed they are helping the club to resolve the crisis.
It said: ‘The NCSC is aware of an incident affecting Manchester United Football Club and we are working with the organisation and partners to understand impact.’
The embarrassing lapse of security at one of the world’s biggest sports clubs is believed to be far more serious than first feared.
United’s network has been infected by ransomware – a computer virus - and they now face the option of having to pay up or risk seeing highly sensitive information about the club and its stars leaked into the public domain.
It’s unclear who the criminals are or how much they want, but the NCSC revealed that in the last year an EFL club were hit with a £5m demand and the biggest single loss to a sports organisation from cyber crime was £4m.
United could also face fines of £9m, £18m or two per cent of their total annual worldwide turnover from the independent government body Information Commissioner’s Office if the attack is found to have breached their fans’ data protection – although the club last night reassured supporters that is not the case.
United also insist the attack will not impact match-day operations. The next home game is against Paris Saint-Germain in the Champions League on Wednesday night.
A statement last night read: ‘Following the recent cyber attack on the club, our IT team and external experts secured our networks and have conducted forensic investigations.
‘This attack was by nature disruptive, but we are not currently aware of any fan data being compromised.
‘Critical systems required for matches to take place at Old Trafford remained secure and games have gone ahead as normal.
‘The club will not be commenting on speculation regarding who may have been responsible for this attack or the motives behind it.’
The NCSC warned about the increased threat to the £37billion sports industry from cyber criminals in July, including the more remote possibility of being targeted by nation states such as Russia.
It revealed that the unknown EFL club received a £5m ransom demand after its systems were crippled. The club refused to pay up and were unable to operate their CCTV and stadium turnstiles, almost resulting in a match being postponed.
In another sting, the email of a Premier League managing director was hacked by criminals who narrowly failed to sabotage a transfer deal with a European club and divert the £1m fee into their own bank account.
When sensitive information from Manchester City’s company emails was leaked in 2018, it led to a £9m fine for breaking Financial Fair Play rules and a two-year Champions League ban that was later overturned.
Warning of the specific threat to sports clubs, the NCSC said: ‘The business impact of ransomware attacks can be disastrous.
‘Since 2018, ransomware attacks have been growing in impact. The criminals carrying out the attacks are taking more time to analyse victim networks and understand the ‘value’ of the target organisation.
‘Using network analysis and lateral movement within the victim's network, attackers try to ensure they have maximum impact on the victim organisation - potentially denying access to business-critical files and systems.
‘Keep safe back-ups of important files. Even if you decide to pay the ransom, there is no guarantee that you will get access to your computer, or your files.’
The report revealed that 70 per cent of sports organisations had experienced cyber incidents in the previous year – double the average for UK businesses.
NCSC director of operations Paul Chichester said: ‘Sport is a pillar of many of our lives and we’re eagerly anticipating the return to full stadiums and a busy sporting calendar.
‘While cyber security might not be an obvious consideration for the sports sector as it thinks about its return, our findings show the impact of cyber criminals cashing in on this industry is very real.
‘I would urge sporting bodies to use this time to look at where they can improve their cyber security – doing so now will help protect them and millions of fans from the consequences of cyber crime.’
Last week, four British athletes have had intimate photographs and videos posted online in a cyber attack that has affected hundreds of female sports stars and celebrities.
The athletes in question, who had the material stolen from their phones, are considering steps to have the content removed from the dark web.
One British athlete have almost 100 private images stolen in the iCloud leak.
'It really is difficult to know what to do next,' the agent of one victim told The Times. 'The people who do this are sick. We have seen some very unpleasant cases, even where people have been blackmailed over [stolen] material.
'But it's not easy to get a grip on the situation and go after them. It can take years to pursue, just to get it taken down from the internet. As a victim you have to decide if you want to go through it.'
A spokesman for the National Cyber Security Centre (NCSC) said: 'Accessing and then leaking people's personal data is utterly reprehensible, and we would urge everyone to take steps to secure their online accounts.
'The NCSC recommends people turn on two-factor authentication where it's available. We also recommend a strong password made up of three random words to reduce the likelihood of being hacked, and important accounts should use a unique password. The NCSC's Cyber Aware website has actionable steps to stay secure.'