Russian Cyber Espionage Group Accused of Leaking Data of Olympic Athletes

Source: http://www.securityweek.com/russian-cyberspies-accused-attack-olympics-anti-doping-agency, http://edition.cnn.com/2016/09/15/sport/wada-hacking-craig-reedie/ (Security Week, CNN)

The World Anti-Doping Agency (WADA) has been hacked and they are blaming a Russian cyber espionage group for the breach. WADA is a non-profit organization that was founded by the International Olympic Committee to promote, coordinate and monitor the fight against drugs in sports. Sensitive athlete data has been leaked including confidential medical records.

According to WADA malicious actors had registered two fake WADA accounts, which they used to phish credentials for the Anti-Doping Administration and Management System(ADAMS). Researchers quickly found connections between the attack and the notorious Russia-linked threat actor known as Fancy Bear, APT 28, Pawn Storm, Strontium, Sofacy, Tsar Team, and Sednit. A statement was published on September 6, 2016, by WADA confirming that a Russian spy group was behind the attack on the systems, though it didn’t come to its conclusion on its own and  got information from law enforcement agencies. The hackers were able to access athlete data which included test results from the Rio Games and Therapeutic use exemptions, some of which they published online.

A hacker group has come forth and has taken credit for the attack. The group that leaked the athlete data is calling itself “Fancy Bears”, and it’s website suggests it’s affiliated with with the hacktivist group Anonymous. Fancy Bears claim they have launched OpOlympics, a campaign whose goal is to show that famous athletes from the U.S. and other countries won medals at the Olympics using substances that were banned by WADA. Russia has denied any involvement in the attack against WADA, although this isn’t the first time the country has been accused of a cyber attack in which a hacktivist group takes credit for. In the summer the U.S. Democratic Party’s systems were breached and experts immediately put the blame on APT28/Fancy Bear, but a hacktivist dubbed “Guccifer 2.0” took credit for the attack.