Russian ‘Fancy Bear’ hackers blamed for attack on World Anti-Doping Agency

15 Sep 2016

Metaphor of conflict between Russia and International Olympic Committee because of doping. Image via M-SUR/Shutterstock

The World Anti-Doping Agency has alleged that Russian state-sponsored hackers going by the name Fancy Bear, or Tsar Team (APT 28), are behind the recent hack of the organisation.

Fancy Bear are believed to be the same hackers who breached the Democratic National Committee (DNC) in the US and revealed how the Democrat leadership undermined popular candidate Bernie Sanders in favour of Hillary Clinton.

The World Anti-Doping Agency (WADA) said that a Russian cyber espionage group illegally gained access to its Anti-Doping Administration and Management System (ADAMS) database via an International Olympic Committee (IOC) account created for the Rio 2016 Games.

This week, the hackers published documents showing information about how three of the United States’ most famous athletes – Serena Williams, Venus Williams and Simone Biles – received medical exemptions to use banned drugs.

‘Let it be known that these criminal acts are greatly compromising the effort by the global anti-doping community to re-establish trust in Russia further to the outcomes of the Agency’s independent McLaren Investigation Report’
– OLIVIER NIGGLI, DG, WADA

WADA claims that Fancy Bear accessed athlete data related to the Rio Games, including confidential medical data such as Therapeutic Use Exemptions.

Russian revenge for whistleblowing

The organisation claims that some of this data was released into the public domain accompanied by a threat from the hackers that more data will be released.

Access to ADAMS was obtained through spear phishing – phishing attempts aimed at specific targets – of email accounts, enabling access to the databases. No other data is believed to have been compromised at this point.

In early August, Yuliya Stepanova’s password for ADAMS was illegally obtained, allowing a perpetrator to access her account on ADAMS.

Stepanova was the key whistleblower for WADA’s Independent Pound Commission, which exposed widespread doping in Russian athletics.

“WADA deeply regrets this situation and is very conscious of the threat that it represents to athletes whose confidential information has been divulged through this criminal act,” said Olivier Niggli, Director General, WADA.

“We are reaching out to stakeholders, such as the International Olympic Committee, International Sports Federations (Ifs) and national anti-doping organisations (NADOs), regarding the specific athletes impacted,” he continued.

“WADA condemns these ongoing cyberattacks that are being carried out in an attempt to undermine WADA and the global anti-doping system,” said Niggli. “WADA has been informed by law enforcement authorities that these attacks are originating out of Russia.

“Let it be known that these criminal acts are greatly compromising the effort by the global anti-doping community to re-establish trust in Russia further to the outcomes of the Agency’s independent McLaren Investigation Report,” Niggli said.

WADA said it is cooperating with the relevant law enforcement agencies, and is conducting internal and external security vulnerability checks, as well as urging stakeholders to manage passwords.

Fancy Bear is considered by security experts to be one of the best cyber espionage teams in the world, having hacked not only the DNC, but also NATO and various East European governments.

To date, Fancy Bear’s focus appears to have been on stealing political and military secrets. In the case of WADA, however, it appears to be a punitive exercise motivated by Stepanova’s whistleblowing of doping among Russian athletes.

Russia/Olympic anti-doping controversy image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com