AI-enabled deepfakes and phishing attacks are among the top threats to the NFL, according to Tomás Maldonado, the league’s chief information security officer.
The NFL 2023-24 season kicked off on Thursday, with the Kansas City Chiefs taking on the Detroit Lions. Even as the season starts, Maldonado told Dark Reading that the league is working hard “not to have something impact us adversely.”
“The threats are changing. They are adapting, and it’s not only year over year. When we put on big events, it’s day by day, minute by minute, where we are seeing the evolution of adversaries,” he said.
Threats to the NFL
Cybersecurity experts have warned that generative AI tools allow threat actors to conduct sophisticated social engineering scams, and the NFL is not exempt from this threat. Maldonado expressed “worry” that deepfake videos could tarnish the image of individuals and brands.
The emergence of AI chatbots, like WormGPT, designed for malicious purposes, creates a new threat for cyber defenders to grapple with. The digitization of the NFL’s operations also creates a broader attack surface for threat actors to target.
“There’s going to be folks looking to just hit hard and to punch directly, square into the face,” Maldonado told Dark Reading.
Besides deepfakes, there’s also the threat of convincing phishing attacks that could lead to credential theft and leave critical systems exposed. Awareness training for players, coaches, and staff is one of the ways the NFL has sought to mitigate this threat.
Protecting the NFL
Maldonado’s team collaborates with the CISOs of the NFL’s 32 teams to focus on high-priority security areas. “The clubs compete on the field because it is the nature of the business,” Maldonado notes. “But when it comes to cybersecurity, we’re all in this together. It’s a team effort.”
External partners like telecoms giant Cisco have been key in fortifying the NFL’s digital environment.
It’s not just NFL players, teams, coaches, and executives who are at risk, fans are also in the crosshairs of threat actors. Scammers could pose as figures in the NFL to conduct social engineering attacks and deceive credulous fans. Free NFL streaming platforms may also contain information-stealing malware.
To avoid falling for deceptive phishing attacks, read our guide to phishing to learn about the tell-tale signs that indicate scammers may be trying to pull a fast one on you. And, if you want to stream NFL games online for free, be careful of the sites you visit.
Take a look at this AI-generated video below that uses deepfake technology to mimic the voices of NFL commentators:
For more cybersecurity news, follow us on X (Twitter), Threads, and Mastodon!
