An audio sample obtained and verified by The Athletics shows how it’s possible to intercept college football’s new coach-to-helmet communications technology. An individual identified as Texas Tech defensive coordinator Tim DeRuyter may be making a series of defensive play calls and cues during Texas Tech’s game against TCU on Oct. 26.

The 31-second clip is somewhat muted and, at least to non-football staff or personnel, provides little context for what the play is shouting and the terminology it is referring to. But the captured clip points to a larger concern among some college football coaches about the potential benefits to be gained from intercepted signals.

The audio was captured by an outside entity during Texas Tech’s game at TCU and shared this week with Red Raiders head coach Joey McGuire to illustrate how an outside entity could access a team’s unencrypted coach-to-helmet communications hacking, according to sources familiar with the situation.

The revelation this week that Power 4 conferences have been using new coach-to-helmet communications technology over unencrypted frequencies this season has sparked concern and frustration, and Texas Tech has been the most prominent source of those feelings.

On Tuesday — the same day Tech said McGuire received the audio — Texas Tech athletic director Kirby Hocutt raised the issue of unencrypted headset communications during a meeting between Big 12 athletic directors and conference officials, according to sources with knowledge of the call. Hocutt expressed concern that these communications could be intercepted by opponents or outside parties, and he requested that the conference review Texas Tech’s recent games against Baylor and TCU to ensure their integrity. Tech lost to Baylor at home and TCU on the road.

In a statement released this week, the Big 12 said the league’s review found no direct evidence that the integrity of conference games was compromised by these security issues. The Big 12, according to sources involved in the helmet communications issue, conducted a painstaking investigation that included interviews with coaches and staffers from multiple institutions and a breakdown of the incident’s timeline.

All schools in the conference had coach-to-helmet equipment recalled this week to receive an encryption update. Each of the Power 4 conferences started the season with equipment from a company called GSC, which also supplies the NFL’s helmet communications. A group of 5 conferences use CoachComm, which provides the coaching headsets for almost all of Division I. The coach-to-helmet equipment uses a frequency “hopping system” that changes during the game to provide a make it more difficult for an external entity to gain access.

GO DEEPER

Power Four schools send helmet communication systems for tech solutions amid security concerns

There is no evidence that the Texas Tech audio was used in a compromising manner. Still, the lack of encryption, and evidence that a team’s in-game play calls can be intercepted, casts an unfortunate spotlight on the new technology in its first season of use in college football. It also comes a season after the Michigan sign-stealing scandal involving former recruiting executive Connor Stalion, which remains under investigation by the NCAA.

Multiple teams and coaches have referenced separate (and less concerning) issues about helmet communications stuttering or dropping out during games this season, including at Georgia at Texas, West Virginia at Pitt and Penn State at Wisconsin. If only one team’s communications go down during a game, neither team may use the technology until both regain access.

In a sport often criticized for its lack of cohesion, leadership and enforcement, the issue of helmet communication will do little to dispel these feelings.

GO DEEPER

What you need to know about college football’s new helmet communication rules

The coding issue was discovered during the Arkansas-Texas A&M game at AT&T Stadium in Arlington, Texas (home of the Dallas Cowboys) on September 28, and it could have been addressed much sooner. All four power conferences were then notified by the stadium frequency coordinator, and the conferences then notified select football and athletic department staffers at each of their member schools.

But multiple coaching staffers and athletic directors from across the power conferences said they were not aware of the encryption problem until this week and may have remained vulnerable for nearly a month.

In a memo to Big 12 ADs and head coaches sent Tuesday and obtained by The AthleticsConference director Scott Draper wrote that after the September discovery, GSC and frequency experts described the risk of anyone gaining access to the coach-to-helmet communications as “very low.” The league notified lead equipment managers and, as an interim measure, changed frequencies while a software update to GSC was completed.

“In retrospect, the Conference should have shared this information with each of you,” Draper wrote in the memo.

Several sources at the power conference said this The Athletics This week, they later discovered that it wasn’t that difficult for an outside entity to access the helmet communications.

“It’s pretty easy to pick up,” said one Big 12 school administrator. “You need to have some technical knowledge, but you don’t need to be a technology savant.”

Like the Big 12, none of the other power conferences are aware of games in jeopardy due to a lack of encrypted coach-to-helmet communication.

“The Big Ten reached out to schools regarding the software update based on an abundance of caution due to something coming from another conference,” Iowa football spokesman Matt Weitzel said. “Nothing happened in the Big Ten, and this was not mandatory.”

There have been no reports of stolen signals, Weitzel added.

Among coaches and administrators The Athletics that I spoke to this week, one of the biggest frustrations and criticisms was the fact that the highest level of college football – which is now a multi-billion dollar industry – was left in this position in the first place.

“We use a system that is not coded. And it’s the same company that supplies the NFL. And the NFL’s are encrypted. So I ask, “Why the hell isn’t our system encrypted?” Whose teacher is that?” said a Big 12 school administrator. “Why would we even have thought of using a system that wasn’t encrypted?”

Multiple messages left at GSC by The Athletics have not been returned.

The NCAA passed a rule this year that allows schools to use coach-to-helmet communications during games, as well as sideline tablets equipped with video display.

Don’t let the six blatant calls and the obvious cheating by the officials distract you from the fact that MIKE BOBO IS PLAYING WITH A WALKIE TALKIE CALL BECAUSE THEIR HEADSET COMMUNICATION RANDOMLY STOP WORKING pic.twitter.com/9mWAE758Lk

— Skinny (@skinnydawg10) October 20, 2024

If a team could intercept an opponent’s play calls in real time, it is unclear how much of an advantage this could provide. Some coaches The Athletics spoke likened the ability to access those communications to Michigan’s sign-stealing controversy last season. Others thought this was overkill and said it would be virtually impossible to implement in real time.

If a defense can hear the opponent’s play call, that can be enough to decipher whether it’s a run or a pass and quickly relay that information using the helmet microphone to the defensive player, who can quickly alert his teammates. Conversely, an offense that listens to defensive play calls can get a sense of whether the other team is applying pressure or covering up coverage on a particular play.

“If you know if it’s a run or a pass … a few quick signals (from a coach to a defensive player), it only takes a few seconds,” said a Power Conference head coach. “You still have to stop the other team, get out of the blocks and all that, but you get an indicator like that… if it helps you a few times or even just once, that can be a big play.”

Regardless, updating the coach-to-helmet coding should address these specific concerns in the future. Texas Tech accepted the Big 12’s conclusion that no games had been compromised and announced it would have no further comment on the matter.

And everyone is wondering why college football used non-encrypted technology in the first place, when the same company has taken care of the NFL and no public issues have arisen.

Manny Navarro and Scott Dochterman contributed reporting.

(Photo: Matthew Visinsky/Icon Sportswire via Getty)