Microsoft: Russian state hackers attacked anti-doping authorities

Russian state hackers attacked at least 16 international anti-doping groups. That would have happened in the run-up to the Tokyo Olympics next year. Most attacks were unsuccessful, Microsoft says. That company discovered the attacks.

Microsoft attributes the hacks to Fancy Bear or APT28, the hacker division of the Russian military intelligence service GRU. Microsoft also calls the group Strontium. The group is said to have attacked anti-doping authorities and sports organizations around the world. He would have tried to attack at least 16 organizations on three continents. Microsoft does not say what the exact targets were.

The attacks started on September 16, according to Microsoft. That was around the time news of the World Anti-Doping Authority came out of a decision to ban all Russian athletes from sporting events such as the Olympics. It is not the first time that Russia has set its sights on the Olympics. Fancy Bear was also likely responsible for the OlympicDestroyer malware that struck during the 2018 Winter Games in South Korea. Last year, a number of hackers were also arrested for a hack on the Anti-Doping Authority.

According to Microsoft, the hackers used known methods to get into accounts. They allegedly launched spearphishing attacks, hacked IoT devices, and tried commonly used passwords on accounts. The hackers also used both homemade and open source malware to exploit vulnerabilities on computers. Microsoft writes that “some” attacks were successful, but the majority of them were not.