Microsoft says hacking group targeted anti-doping agencies

Bloomberg October 29 | Updated on October 30, 2019

Microsoft says the hacking attacks began in September   -  REUTERS

Tech major accuses hacking group Strontium

Microsoft Corp has accused a hacking group, which has been linked to the Russian government, with targeting 16 sport and anti-doping organisations across three continents.

Some of the attacks were successful but the majority were not, according to a report by Microsoft’s Threat Intelligence Center. The hacks began on September 16 and originated with a hacking group called Strontium, which is also known as Fancy Bear/APT28, the company said in a blog post.

APT28 has been linked to the Russian government by Crowdstrike Holdings Inc. and FireEye Inc., and the UK Last year, Microsoft President Brad Smith described Strontium as “a group widely associated with the Russian government” in a statement.

Tom Burt, Microsoft’s vice-president of customer security & trust, said the methods used in the most recent attack are similar to previous attacks by Strontium against various targets, including governments, militaries, think tanks and financial firms. The methods include spearfishing attacks, exploiting internet-connected devices and using both open-source and custom malware, he said.

Microsoft didn’t identify the anti-doping and sport agencies that were targeted in the attacks.

The US charged Russian intelligence officers with hacking anti-doping organisations in 2018.

Russia was accused of operating a state-sponsored doping programme prior to, during and after the 2014 Winter Olympics in Sochi, Russia. As a result, about 111 Russian athletes were barred from competing in the 2016 Summer Olympics in Rio de Janeiro following a report from the World Anti-Doping Agency. Russian athletes were later banned entirely from the 2018 Winter Olympic games, with some exceptions made for athletes to compete while not representing Russia.

A week after Microsoft says the hacking attacks began in September, the World Anti-Doping agency said it found “inconsistencies” in lab data provided to the agency from a laboratory in Moscow. The agency gave Russian authorities three weeks to respond to the inconsistencies.

A spokesman for the World Anti-Doping Agency said they were aware of Microsoft’s findings but that there was “no evidence of any breach of WADA’s systems having occurred.”

Published on October 30, 2019

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

This article is closed for comments.
Please Email the Editor