Microsoft Says Russians Hacked Antidoping Agency Computers

Microsoft Says Russians Hacked Antidoping Agency Computers

Russian state hackers attacked the computer networks of at least 16 national and international sports and antidoping organizations, Microsoft said Monday. The attacks are the latest in a series of brazen Russian cyberattacks on foreign politicians, sporting officials and antidoping regulators.

The attacks were timed as the World Anti-Doping Agency deals with the continued fallout from the 2015 Russian doping scandal, which snowballed in recent months after WADA officials discovered that Russian athletes’ failed drug tests had been erased from a critical data set.

According to Microsoft, which helps protect some of the agencies from cyberattacks, the Russian attacks began Sept. 16, just days before WADA announced Russia might face further punishment for inconsistencies in its drug testing data. Microsoft did not name victims of the cyberattacks, but confirmed that some of the Russian attacks were successful.

The company traced the attacks to a group of notorious Russian state-backed hackers known by the alias Fancy Bear. The group is one of two Russian government groups responsible for the 2016 hack of the Democratic National Committee, as well as previous cyberattacks on sports and antidoping officials between 2014 and 2018. The attacks resulted in the 2018 indictment of seven Russian intelligence officers accused of hacking sports and antidoping officials, as well as spreading personal emails belonging to antidoping officials and the private medical records of Western athletes. The hacks occurred amid mounting criticism of Russia for its yearslong, state-sponsored doping program.

The latest Russian cyberattacks could factor into WADA’s decision whether or not to punish Russia for possibly manipulating data at the center of the 2015 doping scandal. Russia’s promise to turn over the data set was key to WADA’s decision to lift a ban on Russia’s antidoping agency in late 2018. That determination ended a three-year suspension of Russia’s antidoping agency that had been imposed after the discovery of one of the most brazen cheating schemes in history, one that corrupted a number of major international sporting events, including several Olympics. As a result of the scandal, Russian athletes were barred from competing under their country’s flag at the 2018 Winter Games in Pyeongchang, South Korea.

In recent months, a WADA investigative team discovered inconsistencies between a data set it received from a whistle-blower in 2017 and data submitted by Russian officials last January. Failed drug tests had been deleted from the Russian data set. Last month, WADA officials gave the Russians three weeks to explain the discrepancies. WADA has yet to determine whether it will accept Russia’s explanations.

A WADA spokesman said it was aware of Microsoft’s disclosures Monday but said there was no evidence the agency’s systems were breached in the attack.

Travis Tygart, the chief executive of the United States Anti-Doping Agency, said his organization sustained what seemed to be a deliberate brute force password attack in early October. “Nothing penetrated and we were in contact with all our community,” Tygart said in a telephone interview Monday. He called the Fancy Bear attacks the “new normal.”

Yury Ganus, the head of Russia’s antidoping agency, said Monday that he had not been informed of any cyberattacks. Mr. Ganus told The New York Times earlier this month that he suspected Russian authorities were monitoring his phone calls and messages after he publicly claimed thousands of changes had been made to an athlete database to cover up failed drug tests. Mr. Ganus said the data issue “is the most critical since this doping crisis began.”

Any punishment in the new WADA investigation could include the banning of Russian athletes from major international sports events.

“As the world looks forward with anticipation to the Tokyo Summer Games in 2020, we thought it important to share information about this new round of activity,” Tom Burt, Microsoft’s corporate vice president of customer security and trust, said in a statement on Monday.

Perhaps the most striking finding in the Microsoft report is this: The Russian state-run hacking group appears unembarrassed, even after being caught repeatedly.

The group often has been found hacking into a variety of organizations. It has been indicted. Its leaders have periodically been exposed. Microsoft has even gone to court to take over web domains created to lure those who fall for its tricks.

And yet, Fancy Bear continues its attacks unabated, striking out at what it perceives to be forces hostile to Russia, or those that are working to expose Russia’s manipulation of doping testing. American intelligence officials have studied the repeated attacks on doping-related targets carefully, trying to draw lessons ahead of the 2020 presidential election — a subject that captivates the Russians as much as the habits of its sports competitors.

In the latest case, Microsoft said Russia’s hackers attacked targets through a combination malicious emails, fictional personas, stolen passwords and malware. In the past, the group has gone to great lengths to compromise its victims. In addition to the usual methods, Russia sent spies from Moscow to Rio de Janeiro for the 2016 Summer Olympics and to Lausanne, Switzerland — the seat of the international Olympic movement — where they logged into the same hotel Wi-Fi networks used by antidoping officials investigating allegations of Russian doping.

Microsoft said Monday that it had alerted all customers targeted in the attack and was working with those who sought to help to secure compromised systems and accounts.

Source link

About The Author

Related posts

Leave a Reply