Is Hackergate Next for the NFL?

Share Article

Many NFL teams are moving their playbooks and game film to iPads this year. Joe Caruso, CEO/CTO of Global Digital Forensics, weighs in on the biggest question surrounding this evolution. Is the NFL ready for the bad that comes with the good when it comes to life on the cyber frontier?

News Image
Leaving any area of a digital environment “up-to-chance” is nothing short of a recipe for disaster.

The National Football League generates well over $10 billion a year in revenue. That’s big business. And like many big businesses in America today, the temptation to rely more on the conveniences offered by mobile digital devices has taken root. Roughly half of the 32 NFL teams will be using Apple’s iPad in some form or fashion during the 2012 season, much to the joy of players and coaches that see a brave new world dawning regarding the two most primal ingredients found at the core of any successful NFL franchise, their playbooks and analyzing game film. Joe Caruso, CEO/CTO of Global Digital Forensics has seen this transformation before, first hand in corporate America, having responded to breach and intrusion incidents for many companies that grace the Fortune 500 list, and considering everything he has seen, one question looms large in his mind. Is the NFL ready for the bad that comes with the good when it comes to life on the cyber frontier?

All but one NFL franchise is privately owned, the Green Bay Packers and their Cheesehead collective being the lone exception. The rest are all owned by billionaires that proved their mettle in the dog-eat-dog world of business and came out on top. They made their fortunes by observing trends, being innovative, and making the gutsy calls to shake things up in the name of progress, just like any successful corporation or recognized business in America today. But as even the biggest corporations, trusted government agencies and anyone else doing business in the digital realm have been forced to realize, there are unsavory elements out there with the skills, desire and patience to wreak cyber havoc on any Goliath they deem a viable target. And in the hacker world, sometimes the notoriety of having slayed a Goliath is all the motivation they need.

Joe Caruso, founder of Global Digital Forensics, and his team of cyber security specialists have responded to a great many emergency cyber incidents in the corporate world. It is those firsthand lessons that raised more than an eyebrow concerning the NFL's move to the cyber arena, especially when so much is financially on the line. "The NFL has always struck me as extremely cautious when it comes to making groundbreaking changes. Remember how long it took to implement instant replay? To everyone on the outside looking in it was a no-brainer, but every nuance, from challenges to the time it would add to the game had to be considered and tweaked forever. But they had to do it. Fortunes and franchises could rise and fall based on a single bad call.”

“The other thing that stands out about the NFL is their unyielding focus on the integrity of the game. Spygate cost Bill Belichick half a million dollars out of his own pocket, not to mention another quarter million tacked on against the New England Patriots franchise and a first round pick turned to vapor. More recently, the New Orleans Saints got hammered by the league for their "bounty" program. The coach is out of the game for a year, players got suspended, half a million dollars flew out of the franchise coffer and two second round picks turned to dust. All of that translates into cold, hard dollars and can alter any NFL team's trajectory to success."

The Fine Line Between Victory and Defeat

"Football is a game modeled after war. It's about taking territory and trying to utterly dominate your opponent to achieve the objective ... to end with more points on the board than the other guys. But dominance takes more than just talent. Just like in real war, it takes preparation, strategy, communication, intelligence gathering, and precision execution. That means countless hours spent on working with Xs and Os, from every coach, to every player. And just like in real war, having your playbook exposed can easily lead to the agony of defeat. Just think about the efforts allied forces expended trying to "liberate" an Enigma code machine from the Germans in WWII. It was a real game changer when we finally managed to figure out their playbook."

What are the Risks? – Pay Close Attention Corporate America, This is for You Too

Any time assets are in digital form, cyber security must be an integral part of the battle-plan. The digital environment is fraught with threat vectors. Applications, even applications designed by reputable companies, can have exploitable chinks in their armor. Hackers employing clever social engineering as a delivery method to inject chaos into even a strongly secured system must be thwarted at every turn. Wireless connections can be exploited, zero day attacks must be considered and perhaps most important of them all, a plan must be designed, implemented and practiced should an incident occur to greatly diminish the initial impact of an attack and stop it from spreading like wildfire to everyone connected to the network. Leaving any area of a digital environment “up-to-chance” is nothing short of a recipe for disaster.

So What Can Be Done?

Joe Caruso had three things to say when the question was put to him, “Penetration testing, penetration testing, penetration testing. Penetration testing is having professional cyber security specialists attempt to crack your network by using the same methods and attack vectors real-world hackers would use to infiltrate an organization’s cyber assets. Depending on the data environment and what a client wants/needs tested, we can analyze everything from the source code of any applications deemed to pose a risk, to the network’s security and even social engineering attacks carried out from our GDF Attack Center. Then we sit down with the client and go over everything we uncover, where weaknesses are found, proper remediation steps and even helping to design an incident response plan that will be effective, attainable and cost effective.”

The Baltimore Ravens and the Tampa Bay Buccaneers led the way to the iPad revolution last year, now other teams like the Broncos, Cardinals, Rams, Eagles and Saints, among others, are all in. Even the Dolphins, whose legendary head coach Don Shula once mentioned that a Barry Bonds type of asterisk should be placed next to New England’s name after the Spygate fiasco came to light, are all in. Coincidentally they are also the team that will be featured on this year’s Hard Knocks. Maybe it will be a great chance to see how the technology is integrated and how safe it is.

“But if I was a billionaire NFL owner coughing up a king’s ransom every year to find success, I certainly wouldn’t leave anything on this new cyber front to chance. It could end up being the difference between failure and success, and that translates into gaining or losing cold, hard cash, integrity and respect, the tenets that got every owner where they are today and the very backbone of the NFL itself.” Caruso said in closing.

*Global Digital Forensics is a recognized leader in the fields of digital forensics and cyber security. To speak with a cyber security specialist about penetration testing, emergency incident response and/or customizing a security plan tailored to suit your unique needs, call 1-800-868-8189 anytime 24/7. Or visit for more information.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Aris Demos

Joe Caruso
Visit website