The Microsoft Threat Intelligence Center had gotten wind of cyberattacks by Russian group Strontium targeting sports and anti-doping authorities, Microsoft corporate vice president Tom Burt announced in a blog post on October 28.
The blog post detailed that the cyberattack by Strontium, more commonly known as Fancy Bear, had been trying to infiltrate 16 sports and anti-doping organizations on three continents since September 16. Most of the attacks were unsuccessful, but some hit their target. Microsoft reported that the involved parties have been informed.
Microsoft noted that the attack started just days before the World Anti-Doping Agency announced the opening of a fresh investigation into Russia’s data earlier this autumn after inconsistencies were found in laboratory data. The result of the investigation could lead to an indiscriminate ban in upcoming events, including the Tokyo 2020 Summer and the Peking 2022 Winter Olympics and Paralympics Games.
This isn’t the first time Fancy Bear has committed this type of act. As a unit of the Russian military agency GRU, they carried out multiple attacks, the most famous of which was against the Democratic National Committee in the 2016 U.S. election. During the 2018 Olympics, there was a particularly deceptive incident of tampering with apps, emails, wifi, which was made to look like it was carried out by Chinese or North Korean hackers.
The methods used in the most recent attacks are similar to those routinely used by Strontium to target governments, militaries, think tanks, law firms, human rights organizations, financial firms and universities around the world. Strontium’s methods include spear-phishing, password spray, exploiting internet-connected devices and the use of both open-source and custom malware.
The post ended with suggestions on how to prevent hacking, including protecting emails from malware with double identification.
Author: JAPAN Forward