It was maverick owner Al Davis of the NFL’s Oakland Raiders who placed a large poster in the team’s locker room that read: If you’re not cheating, you’re not trying.
And, in sports players and teams have always tried to gain an edge over their opponent. Look at the media storm that was caused by the current Super Bowl Champion New England Patriots and their star quarterback Tom Brady deflating balls during the AFC Championship Game.
So it was not a surprise to hear that the St. Louis Cardinals, a team considered by many to be Baseball Royalty, being investigated by no less than the U.S. Federal Bureau of Investigation (FBI) for allegedly hacking another team in Major League Baseball – the Houston Astros.
I was puzzled as to why a team like the Cardinals who have won 11 World Series Championships in their history second only to the mighty New York Yankees (27) would care to hack into the Astros databases. The Astros have never won anything in their 53 year history. In fact the Astros placed dead last in the entire league from 2011 to 2013 losing a grand total of 323 ball games in that span. The Astros have made the playoffs a measly nine times overall.
According to published reports, the FBI have evidence that Cardinals officials gained access to Astros scouting reports, internal notes on player trades and more.
Speculation on this story has gone wild. From what I heard from various media sources the FBI believes the hackers gain access through easily guessed passwords held by a former executive of the Cardinals who is now the general manager of the Astros.
It’s common practice for organizations to keep passwords on file. I heard that this particular executive’s password was a combination of his last name plus the current year. Obviously, not the toughest password to break. If you know an executives previous passwords you can figure out the patterns that person likes to use.
Noted Romanian hacker Guccifer was able to access the personal email accounts of U.S. Presidential candidate Hillary Clinton and former U.S. Secretary of State Colin Powell by using simple guesswork.
It’s unsure at this point in time whether anyone involved got a competitive advantage because of this hack. But what is obvious to me is that this hack was easy to execute. Guccifer did not profit financially from his hacks, but he too stated that it was easy to break into the Clinton/Powell accounts.
To me this case is like someone tasting grapes at the grocery store without paying. The Astros made it easy for the hackers. In other words: It was like taking candy from a baby.
It also says something about the need for at least senior executives to create more stringent passwords.
No security system can insure total protection, but internal policies should be reviewed to enforce stronger passwords. This is something channel partners should take issue with when developing security systems for their clients. This baseball hacking scandal has shed new light on the use of weak passwords and it can become a rallying point for the channel to take action.
One quick hit before I go. Friend of CDN Jim Estill is now the new CEO of Danby, a Guelph, Ont.-based small appliance vendor. Estill was the former president of Synnex Canada and before that EMJ. CDN wishes Jim the very best.