25-year-old safety from Montreal eyes NFL career
NEW YORK With countless hours of research and planning kept closely guarded, cybersecurity is in focus for this week’s NFL draft, as teams pivot to a virtual format on COVID-19 lockdown.
Usually draft day security involves little more than checking credentials and keeping fans in line, but as franchises take their operations online this Thursday, cybersecurity experts say teams are vulnerable to online mischief-makers.
“A lot of people like to do things not because they have any malice against you but they want to see if it will work or they want to get their name out there, they want to have their 15 minutes of fame,” said Paul Vixie, co-founder of Farsight Security.
Vixie said the NFL draft doesn’t offer much in the way of monetary appeal for hackers, but that he would “be much more worried about deliberate interference as performance art.”
The league declined to disclose its security measures but told Reuters they are “comprehensive and thoughtful,” and that they have provided best practices and were planning to run a system test with all 32 teams on Monday.
Individual clubs have been running their own mock drafts and the NFL will have also carried out a one-round draft simulation with clubs selecting former players before Thursday.
Ravens head coach John Harbaugh was among the first to voice concern over cybersecurity during the draft, telling reporters earlier this month that he is in frequent contact with his IT team but that he remains skeptical.
“They assure me we are doing everything humanly possible and I remember that that’s what Wells Fargo and all those other places said about our private information, so I have some real concerns,” said Harbaugh.
“I really wouldn’t want the opposing coaches to have our playbook or our draft meetings. That would be preferable.”
During the draft, clubs will submit their selections to the NFL player personnel department through Microsoft Teams, the NFL said, adding that it had contingency plans in place in case of a tech malfunction.
Video-conferencing application Zoom, which has faced criticism over security concerns, will be permitted for communication on an individual basis within clubs but not between teams and the league office.
“Assume what’s happening in Zoom is not staying in Zoom,” said Ekram Ahmed, a spokesperson for cybersecurity firm Check Point. “You just have to have that mentality.”
As millions across the globe moved business online as coronavirus lockdowns took effect, hackers have refocused their efforts toward “exploiting things around the home,” Ahmed said.
“The risk is significant, not just with Zoom but with any workplace online workplace or collaborative tool. That’s just because since coronavirus has happened, the attention of hackers has dramatically shifts toward exploiting almost anything that orbits around the home.”
Coaches and scouts co-ordinating from home around the U.S. will be relying on their IT departments more than ever to prevent embarrassing draft-night glitches.