Certainly in the realm of unbelievable hacks this one stands out. It is a little hard to say that it was a hack, since apparently someone left an account open and one of the St Louis Cardinal's staff took advantage of the opportunity and got into the accounts of the Houston Astros. There is, as I found out today, some interesting information that baseball teams keep. Algorithms for example, that help them decide which players to sign and which ones to let go. That must be an interesting thing for another team to have. Salaries, of course and some of the internal correspondence that gets sent to "all" must be riviting. None the less, they could use some simple security measures that almost anyone could have mentioned to them, not the least of which is clearing out users when they leave. That is security 101. Changing passwords at regular intervals is also a good one to remember. This reminds me of the way one of our church groups handled their security, not the way a business does it.
What's scary is the way systems are administrered at some of our businesses and government agencies with information far more valuable than those algorithms. We have kind of rolled our staffs down to small numbers to keep the cost down, doing away with separate security positions. They were replaced by admins, who are nice people and might marry one of my relatives one day. But, they are not well trained on security, especially network securirty. Trying to get that training is not an easy thing to do. They are busy and their management does not want to take them away from their work. Now, they start learning by doing, not a very good way to pick up things which might save them from some types of hacks. It can't come close to saving them from the kind of hacks that are going on out there in the real networks of the world. Good thing the Chinese don't have a baseball team that needs to operate like a commercial company. This wasn't a real hack like we usually think of. I wonder why the FBI took the case. They didn't take deflategate.
No comments:
Post a Comment