How Secure Is All That Wireless Equipment at the Super Bowl?

The NFL has a roster of radio frequency experts to manage the 10,000 wireless devices and Wi-Fi networks at the big game in Arizona. But no wireless technology is 100 percent safe.

Super Bowl XLII is just days away, and as the New England Patriots and the New York Giants make their final preparations, so does the National Football League's team of "radio cops."

Related Stories

Arizona Stadium Goes High Tech with Wireless

The Security Plan for Your Wireless LAN

Goal-Line Stand (from CSOonline.com)

The 45 radio frequency (RF) experts actually prefer to be called frequency coordinators, according to a recent article, and they are tasked with organizing the radio frequencies at NFL games. Of course, this being the biggest game of the year, the pressure to ensure smooth wireless communications at the Super Bowl is huge.

According to a recent article in NetworkWorld that details the teams' efforts, there will be 10,000 wireless devices operating on 2,000 radio frequencies in the 1.7 million square feet of space at the University of Phoenix stadium in Glendale, Ariz. An NFL wireless security team makes its efforts to control radio devices clear, posting warning signs stating that media representatives' and spectators' use of RF devices is a privilege, and any interference with authorized users could mean that officials can confiscate the equipment and evict the people using it.

University of Phoenix Stadium
The setting at University of Phoenix Stadium. (Photo via Wikipedia)

The radio systems in play at the game are wide ranging: wireless intercom systems; coach-to-coach (press box to field) and coach-to-quarterback communications; referee mics and replay booth official transmissions; reporter and broadcaster signals; Wi-Fi systems; police and emergency medical responders; and the 70,000 fans in the stadium with their mobile devices.

But with all that complexity and wireless signals in the air, just how safe are the NFL's wireless networks, communications and transmissions? Is it out of the realm of possibility that, say, a denial of service attack or someone eavesdropping on the opponent's communications could affect the outcome of the game?

With Opportunity and Motive, Evil Possibilities?

Two things factor into the answers to those questions. First, wireless security technologies are not 100 percent effective, though they have improved immensely during the last couple of years. In the field of radio telecommunications, advances such as spread spectrum transmission technology has provided security and antijamming capabilities. On the wireless networking front, porous WEP (wired equivalent privacy) technology has been improved upon with WPA2 (Wi-Fi protected access) wireless LAN security.

And second, the attraction of the biggest stage in sports can bring out criminals and others with bad motives. With wagering on the game expected to reach $100 million, anything seems possible. "Is it possible that someone could either inadvertently or intentionally get through that [wireless security]? Yes," says Lisa Pierce, vice president in Forrester Research's Telecom & Networks research group. "This is a moving target."

Wireless and security analysts say an accidental oversight that denies wireless service, rather than a malicious attack, is more likely to occur on Super Bowl Sunday. For example, in a 2006 playoff game between the Patriots and the Jacksonville Jaguars in New England, "radio chatter from Patriots security staff was interfering with the Jaguars' primary coach-to-quarterback wireless system," forcing the Jaguars to use their backup system, according to the NetworkWorld article. The NFL deemed that the interference was accidental—the Patriots' security department had installed a new frequency on their two-way radios, the article reported, which was the same one used by the Jaguars coach-to-QB system, but forgot to tell the NFL frequency coordinators.

Allegations of stealing signals have a long history in sports, including the NFL. Earlier in the season, the league fined the Patriots $250,000 and head coach Bill Belichick $500,000 for illegally videotaping the New York Jets' coaches signaling to their players on the field.

Interceptions and Turnovers: When Bad Guys Use Illegal Tech Tools

Jeffrey Stern, vice president of business development at security vendor Koolspan and a wireless security expert, says that there are GSM and CDMA intercept devices, which function just like police scanners of yesteryear, that allow people to listen in on conversations on cellular networks. The equipment costs as little as $450, can be found on Google and is illegal in the United States, Stern says. (An account of a notorious Greek wiretapping scandal, in which 100 high-level Greek politicians' cell phones were tapped, illustrates just how far evil-doers will go to get at privileged communications.)

In theory, then, a bad actor could use this type of surveillance equipment to eavesdrop on any cellular communications at the game. "Most of these models are noninterfering with the cellular systems and they appear passive to the network," Stern says. "Of course this equipment is illegal to possess and operate in this country, with fines and jail time. But if we're talking about bad guys, then that's the kind of stuff bad guys use."

Patriots' opponents have been trying to get inside the head of New England quarterback Tom Brady all year long. But what if someone (say, a Giants employee or fan, or ingenious hacker) was able to get inside or disrupt the wireless connection that Brady has with Josh McDaniels, the Patriots offense coordinator who calls the plays in to Brady?

In the NFL, offenses have 40 seconds to call a play, get the right players onto the field, line up and snap the football. For the Patriots, McDaniels' voice is wirelessly transmitted to Brady's helmet (one-way only) for the first 25 seconds, and then it's cut after that by an NFL employee for the last 15 seconds. (The green dot on a quarterback's helmet signifies that it has wireless capabilities.)

Stern says the underlying radio technology used between the two transceivers, which is based on spread spectrum transmission security, makes it "very difficult" and "extremely unlikely" that anyone could listen in on the transmissions.

"There's probably more risk in someone reading your lips from binoculars on the other side of the field," Stern says. But that's not to say that another radio device operating on the same frequency couldn't disrupt the coach-to-QB communications, as happened to the Jacksonville Jaguars in 2006.

According to an ESPN.com article, there are several ways to get around the coach-to-QB cut off—if a team is willing to cheat.

"A team could reprogram its radio system to remove the cutoff official from the equation, sending signals directly from the coach's headset to the quarterback's helmet," the article states. "It could modify the equipment in the [coaches'] booth to achieve the same end. It could install a separate communications system, allowing another coach or quarterback to provide last-second updates. Or, a team could interfere with wires between the sideline and the press box."

The NFL has used wireless technologies for decades, and recent improvements have helped to limit disruptions. "I remember one time I was playing, I forget where it was, but I could hear the concession communication," said Kerry Collins, an NFL quarterback quoted in the ESPN.com article. "They were asking for popcorn on the second level or something like that. There are glitches from time to time, but all in all it's been a pretty sound system."

At the End of the Day, System Error Is Probably Greater Risk

Dave Aitel is the founder and CTO of security vendor Immunity and a former research scientist with the National Security Agency. "I don't know of any other large enterprise that has to monitor its radio frequencies this carefully," he says of the NFL's efforts. "I don't think there's anything malicious that's going to happen on Sunday, but of course, [the NFL security staffers] have to prepare for every eventuality."

That could range from a cameramen who's on the wrong frequency to a hacker who, just to have some fun, is able to access the broadcast signals and get his face up on the giant TV screens in the stadium. "If you're good enough," he adds. "This is going to require a fairly high level of skill or money. But sometimes money can substitute for skill."

Of course, he adds, the perpetrators better be prepared for the consequences. "All this seems like the sort of thing where you'd get caught," Aitel says, noting that the NFL infosecurity people will use monitoring and triangulation technology to track down illegal signals.

To Stern, the most likely scenario and biggest risk for the NFL is an "innocent error of interference"—a denial of service incident where someone, with a device that has a large output and wattage, will wash out someone else's transmission. Which is exactly why the NFL has 45 people working on it, he says.

"I'm sure they'll be some interference," Stern says, but he doesn't think it will have a material impact on the game and the millions of dollars at stake. "From a Vegas perspective," he says, "they'll get an un-interfered game."

Join the discussion
Be the first to comment on this article. Our Commenting Policies