Manchester United confirmed it had experienced a cyber attack on Friday evening, but stated that its defensive IT formation had identified the attack, shutting down impacted systems to contain the event and protect data. One of the key points of Manchester United's online statement was its affirmation that it had "extensive protocols and procedures in place for such an event and had rehearsed for this risk", allowing the team to go ahead with its match against West Bromwich Albion and to ensure all club media channels were unaffected. These 'cyber fire drills' are clearly becoming ever more vital to 'big game targets' and Manchester United appears to have benefited from such preparedness. 

Ranking third in the world out of the most valuable football teams, with a total valuation of more than £2.9 billion, the attack on Manchester United is a further example of the rising number of ransomware attacks worldwide during the pandemic, with a particular uptick in big-game hunting and the corresponding value of ransom demands. 

Recent investigations have highlighted that the number of distributed denial-of-service (DDoS) attacks observed in the third quarter of 2020 was four times higher than the first quarter of 2020 (Cloudfare). Further, CrowdStrike identified that 39% of UK organisations suffered a ransomware attack in the last 12 months and that on average pay USD 1.2 million, higher than the average USD 1.1 million globally. With these statistics in mind, it appears to be more important than ever that companies are prepared for such attacks, managing against the risk of exfiltration and encryption by, amongst other security protocols, partitioning and backing up systems, as well as understanding the legality and regulatory position of making ransomware payments.