Modern field guide to security and privacy

Opinion: #CyberDeflategate and the beginning of sports hacking

It was only a matter of time before American sports added hacking to its tricks for gaining the upper hand. But unlike other cheating scandals that have led to suspensions and fines, computer crimes can lead to prison time.

Chris Humphreys/USA TODAY Sports
View during a recent game between the Colorado Rockies and the St. Louis Cardinals at Coors Field.

Even the most successful American sports franchises can’t resist the urge to cheat.

To catch up readers who may have been sleeping or are European: Over the winter, the New England Patriots were caught apparently tampering with the air pressure in footballs to suit bad weather and the arm of their superlative quarterback Tom Brady. The National Football League investigated #Deflategate – one of those nouns best preceded by a Twitter hashtag – and judged that Mr. Brady probably knew about the meddling, despite his fervent denials.

Now, one of the top teams in baseball is accused of something far worse. According to a recent New York Times story, officials from the St. Louis Cardinals hacked into the Houston Astros' computers. The goal was apparently to swipe secrets about players and prospects. The breach gave hackers access to information about trades, statistics, and scouting reports. For a rival team, it was a goldmine – the baseball equivalent of the Coke formula or KFC's secret recipe.

While this kind of cheating might be new to sports, we all know that professional athletics are rife with rule-bending, risk-taking, and, well, unsportsmanlike behavior. In baseball, for instance, pitchers will beam hitters with 100 m.p.h. balls as retribution for some perceived sin. Players are always trying to sneak something by the referees. And then there's the much darker side of cheating in taking performance-enhancing drugs. 

So, with the rise of hacking and computing mischief in general, it should be no surprise that sports cheating would eventually involve hacking. 

But here's the thing about hacking: It can seem easy to perform and easy to get away with because most organizations have lousy security, but even the best – think National Security Agency or notorious hacker Kevin Mitnick – get caught. And when you get caught trying to cheat in sports by breaking into computer networks, the culprits aren't just facing suspension or a fine, they're facing jail time.

While Brady will sit out some games and the Patriots will fork over $1 million due to Deflategate, the Cardinals have to deal with the special agents of the FBI. Cheat using underinflated footballs, face a fine and suspension; cheat using performance-enhancing drugs and get suspended and stripped of your Tour de France wins; cheat by hacking and face felony charges under Title 18 of the US criminal code.

Much like the federal government database maintained by the Office of Personnel Management, the Astros database represents an operational bounty. While the Times story did not reveal the target of the investigation, it's unlikely that players were involved in any hacking that may have taken place. The debate will now ferment over whether this was just rogue employees or what senior management knew and when.

Regardless of who gets prosecuted or potentially serves time, this is probably just the beginning of a dangerous new phase of cheating in professional sports. 

Just think about the spoils. If Spanish tennis star Rafael Nadal uses a Fitbit in practice, imagine how many other tennis pros might be interested in getting their hands on the data, just for an extra tiny edge?

We can’t hope that the Cardinals hacking story will be the last such cybersecurity cheating scandal. We can only hope we have a better name for it. Until then … #CyberDeflategate.

Jason Healey (@Jason_Healey) is Senior Research Scholar for cyber policy at Columbia University’s School for International and Public Affairs and Senior Fellow for cyber statecraft at the Atlantic Council.

 

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.