What a bunch of dopes! Fancy Bear hackers take aim at drug-testing orgs
Now why would Russian hackers want to compromise anti-doping agencies?
The Russian hacking crew known as Fancy Bear is thought to be actively targeting anti-doping sports agencies.
This according to the team at Microsoft, who have long been tracking the group also known as APT28 or Strontium.
Redmond says that the attacks began in mid-September on the eve of new reports that the World Anti-Doping Agency (WADA) had found Russia's main sport testing labs to be missing key databases chronicling the outcome of tests on Russian athletes.
"At least 16 national and international sporting and anti-doping organizations across three continents were targeted in these attacks which began September 16," Microsoft corporate VP of customer security and trust Tom Burt explained.
"Some of these attacks were successful, but the majority were not. Microsoft has notified all customers targeted in these attacks and has worked with those who have sought our help to secure compromised accounts or systems."
Redmond notes that this isn't the first time the Fancy Bear crew has taken aim at anti-doping groups. The 2018 US court indictment of the group's members was handed down in response to Fancy Bear's successful efforts earlier that year to steal and post correspondence from anti-doping investigators who handled the 2016 Russian doping scandal, a case that led to Olympic bans for athletes from the former Soviet Union.
Russian sports doping whistleblower fears for safety after hackREAD MORE
Like that hack, these latest efforts involve a range of both sophisticated attacks like custom malware and exploits, low-tech methods like password brute-forcing, and non-technical social engineering tricks like spear-phishing.
Because Fancy Bear is believed to work hand-in-hand with the Russian government in choosing its targets and carrying out attacks, Microsoft says these attacks on anti-doping bodies are particularly important to note.
"We think it’s critical that governments and the private sector are increasingly transparent about nation-state activity so we can all continue the global dialogue about protecting the internet," said Burt.
"We also hope publishing this information helps raise awareness among organizations and individuals about steps they can take to protect themselves." ®