Russian hackers are targeting anti-doping organizations after the country was banned from the 2020 Olympics, according to a new report.
Microsoft said this week that it has been tracking cyberattacks from a group known to be linked to Russia, known as Strontium, aka Fancy Bear/APT28. The group is targeting anti-doping organizations prior to the Tokyo Summer Games in 2020, the tech company said in a blog post.
Redmond, Wa.-based Microsoft added that governments around the world and the private sector need to be “transparent about nation-state activity” in order to protect the internet.
“Microsoft clearly labels these nation-state attacks, implying that the Russian government sponsors APT28 (aka Fancy Bear, Strontium) in its efforts,” Paul Bischoff, privacy advocate with Comparitech, told Fox News in an email.
“Russia has a long and sordid history with its athletes doping in the Olympics…The attacks could be an attempt to gain information that could be used against anti-doping regulators and athletes, or they could just be trying to cause damage on a broader scope,” Bischoff added.
APT28 is widely known to be a group of state-backed Russian government hackers.
The Russian embassy did not respond to a Fox News request for comment.
At least 16 national and international sporting and anti-doping organizations were targeted in the attacks, which began Sept. 16, just before news of possible action by the World Anti-Doping Agency (WADA), Microsoft said.
Last month, WADA announced during its meeting in Tokyo that it was giving Russia three weeks to explain what looked like manipulation of critical data from its Moscow lab, which was not matching up with data WADA received from a whistleblower who helped break open the Russian doping scandal in 2016.
For cybersecurity experts at Microsoft, the attackers and style of attack are familiar, much like the recent Strontium attacks targeting governments, militaries, think tanks, law firms, human rights organizations, financial firms and universities around the world, Microsoft said.
Strontium employs tactics such as spear-phishing, which is sending personalized phishing emails from a sender posing as someone the victim trusts and password spraying, typically described as a large-scale, brute-force attack against many accounts using a few commonly-used passwords. Both open-source and custom malware are being used, Microsoft said.
“The Russians are just mad at being thrown under the bus for being caught, yet again, doping on an industrial scale,” Colin Bastable, CEO of Lucy Security, told Fox News.
Microsoft said some of the attacks were successful, but most were not. The software giant has notified all customers targeted in the attacks.
The company provided ways to guard against these attacks, including enabling two-factor authentication on all business and personal email accounts and being up-to-date on how to spot phishing schemes.
Ref;nypost.com