Microsoft Says Hacking Group Targeted Anti-Doping Agencies

The attack methods included spearfishing attacks, exploiting internet-connected devices and using both open-source and custom malware.

Bloomberg News

October 29, 2019

2 Min Read
hoodie hacker in a dark room
Getty Images

(Bloomberg) -- Microsoft Corp. on Monday accused a hacking group -- which has been linked to the Russian government -- with targeting 16 sport and anti-doping organizations across three continents.

Some of the attacks were successful but the majority were not, according to a report by Microsoft’s Threat Intelligence Center. The hacks began on Sept. 16 and originated with a hacking group called Strontium, which is also known as Fancy Bear/APT28, the company said in a blog post.

APT28 has been linked to the Russian government by Crowdstrike Holdings Inc. and FireEye Inc., and the U.K. Last year, Microsoft President Brad Smith described Strontium as “a group widely associated with the Russian government” in a statement.

Tom Burt, Microsoft’s vice president of customer security & trust, said the methods used in the most recent attack are similar to previous attacks by Strontium against various targets, including governments, militaries, think tanks and financial firms. The methods include spearfishing attacks, exploiting internet-connected devices and using both open-source and custom malware, he said.

Microsoft didn’t identify the anti-doping and sport agencies that were targeted in the attacks.

The U.S. charged Russian intelligence officers with hacking anti-doping organizations in 2018.

Russia was accused of operating a state-sponsored doping program prior to, during and after the 2014 Winter Olympics in Sochi, Russia. As a result, about 111 Russian athletes were barred from competing in the 2016 Summer Olympics in Rio de Janeiro following a report from the World Anti-Doping Agency. Russian athletes were later banned entirely from the 2018 Winter Olympic games, with some exceptions made for athletes to compete while not representing Russia.

A week after Microsoft says the hacking attacks began in September, the World Anti-Doping agency said it found “inconsistencies” in lab data provided to the agency from a laboratory in Moscow. The agency gave Russian authorities three weeks to respond to the inconsistencies.

A spokesman for the World Anti-Doping Agency said they were aware of Microsoft’s findings but that there was “no evidence of any breach of WADA’s systems having occurred.”

Read more about:


About the Author(s)

Bloomberg News

The latest technology news from Bloomberg.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like