Houston Astros hacked, trade conversations posted online

The Houston Astros have been hacked.

The incident affects more than just the Texas baseball squad because information pilfered in the breach – and posted publicly online – relates to private conversations the team had with several other major league ball clubs.

Officials with the Astros were alerted last month that an unauthorized party, or parties, obtained information stored on its servers and in its applications, according to a statement emailed to SCMagazine.com on Tuesday.

Team officials quickly alerted MLB security and, since then, an investigation aided by the FBI is ongoing, according to the statement, which adds that the Astros organization plans to prosecute those involved to the fullest extent.

“While it does appear that some of the content released was based on trade conversations, a portion of the material was embellished or completely fabricated,” the statement said.

Some of the ball clubs the Houston Astros were corresponding with include the New York Mets and the Miami Marlins, according to two postings on anonymous data sharing website Anonbin, which reveal talks dating back to June 2013.

Jeff Luhnow, general manager of the Houston Astros, held sessions with reporters on Monday and said that the organization is working to upgrade its security to prevent a similar incident from occurring, according to a transcript posted by the Houston Chronicle.

Luhnow, who thought that security was sufficient prior to the breach, said he does not believe the Astros were targeted specifically, but added that he is not exactly sure of the motives behind the attack, according to the transcript.

“It’s a reflection of the age we living in,” Luhnow was reported as saying. “People are always trying to steal information, get information, whether it’s legally or illegally, and in this case it was illegally obtained and it’s unfortunate.”

Mike Lloyd, CTO of RedSeal Networks, said he could not agree more with Luhnow. Lloyd told SCMagazine.com in a Tuesday email correspondence that this kind of illegal activity is further encouraged by how relatively easy it is to execute.

“Attackers are finding [that] complex defenses are badly deployed, badly coordinated, and easy to walk through,” Lloyd said. “All the attacker needs is persistence, and the search for a forgotten, unlocked “side door” into the business can be largely automated.”

To recover from this incident, the Astros should not only shore up the security of their infrastructure, but also improve the logging and tracking of users who access sensitive data, Jean Taggert, security researcher with Malwarebytes, told SCMagazine.com in a Tuesday email correspondence.

“I’m not surprised at all,” Taggert said. “Baseball is a highly competitive game, and the kind of insight you could garner from these private sabermetrics would not only help in trade negotiations, it would allow you to frustrate the future trade prospects of the Astros.”

For more info on Security Event Management Solutions (SIEM): www.eFOURlearning.com

First reported in SC Magazine by Adam Greenberg

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s