Russian Hackers Launch Cyberattacks Against International Athletics Organizations

Russian hackers are launching cyberattacks against international athletics and anti-doping organizations as regulators threaten to ban Russia from major sports events, according to security researchers.

On Monday, researchers at the Microsoft Threat Intelligence Center announced they uncovered “significant cyberattacks” targeting at least 16 sporting and anti-doping organizations across three different continents. The attacks originated from the Russian hacking group Strontium, otherwise known as Fancy Bear or APT28, Tom Burt, Microsoft corporate vice president for customer security and trust, said in a blog post.

According to the announcement, Fancy Bear employed a range of methods to infiltrate the organizations, including spear-phishing, brute-force attacks, malware and exploitations of internet-connected devices. Though Microsoft didn’t name any of the organizations that were targeted, they admitted some of the attacks were successful.

The attacks began on Sept. 16, just days before the World Anti-Doping Agency threatened to ban Russia from participating in major international competitions—including the Olympics, soccer World Cup and dozens of other sports world championships—citing inconsistencies in lab data.

Specifically, WADA demanded Russian officials explain why failed drug tests for some athletes were scrubbed from the database it shared with the regulator. The controversy comes as part of the continued fallout from the country’s massive state-sponsored doping program, which came to light in 2015. 

The recent intrusions mirror a string of attacks Fancy Bear launched against anti-doping organizations between 2016 and 2018 as the world dug deeper into the doping scandal. In one incident, the group hacked a WADA database and stole medical information on athletes participating in the 2016 Summer Olympics. The attacks led U.S. authorities to indict seven Russian intelligence officers in 2018.

But Fancy Bear’s exploits go far beyond the world of athletics. Security researchers have linked the group to a number of politically motivated cyberattacks in recent years, including the 2016 breach of the Democratic National Committee and multiple intrusions into European government organizations.