Russian government-sponsored hackers have infiltrated many anti-doping and sports organizations. At least 16 organizations worldwide were hit by the cyber attacks.
Microsoft security researchers say the hacking began on September 16. The incidents followed reports of anomalies that the World Anti-Doping Agency (WADA) found in a database of the Russian national doping laboratory.
Athletes’ Relation with Drugs
Russian athletes engaged in a national systematic doping program, according to whistleblowers from the country who sent information to WADA in support of their statements.
With the controversy on the rise, the country's team was disqualified from taking part in the 2018 Winter Olympics, and competitors are expected to participate as neutrals.
Tokyo is set to host the Summer Olympics and Russian competitors in 2020. The most recent WADA findings, however, could jeopardize their participation.
Once, Fancy Bears Strike
In a brief report today, Microsoft states that the advanced Strontium threat group has launched ‘important cyber-attacks’ against various anti-doping and sports organisations.
Strontium is an elite hacker group that is considered to be working on behalf of the Russian government. It is also known by the names APT28, Sofacy, Sednit, Tsar group and Sandworm.
About a year ago, a US grand jury charged seven people with participating in a cyber campaign to discredit international anti-doping organizations that had exposed the Russian government-sponsored doping programme.
All of them were Russian Main Intelligence Directorate (GRU) officers and used the name “Fancy Bears Hacking Team” to publish stolen and fake information on social media. The disinformation campaign drew the attention of journalists.
According to Microsoft, the hackers have failed in all their recent efforts. It is uncertain how many organizations were hacked, but the company says it has alerted its clients that the attacks are taking place and has collaborated with those seeking assistance in protecting compromised accounts or systems.
“The methods used in the most recent attacks are similar to those routinely used by Strontium to target governments, militaries, think tanks, law firms, human rights organizations, financial firms and universities around the world.”
The group relies on several strategies for its intrusions, including spear-phishing, password spraying and the use of internet-connected devices. On those devices, it uses a blend of open-source and custom malware.
In the recent campaign, popular IoT devices (a VoIP phone, an office printer and a video decoder) were compromised to pivot to machines of interest on business networks.