Over 15 anti doping and sport organization around the world has been recently hit by different incident of cyber attacks attributed to infamous Fancy Bear group (also known as Strontium/APT28). The attacks raised eyebrows of the sporting community as Summer  Olympics Games set to start in July 2020.

The attack reportedly started on Sep 16 has targeted a large number of sports and anti doping websites and other internet based infrastructure succeeded in meaningful penetration on few occasions but majorly failed, according to a threat alert published by Microsoft on Monday. The names of the targeted organizations have not been mentioned in the report. “ Microsoft has notified all customers targeted in these attacks and has worked with those who have sought our help to secure compromised accounts or systems.,” said Tom Burt, corporate vice president, customer security and trust at Microsoft.  

The methods used in the series of attacks are similar to the techniques regularly used by Strontium to target governments, law firms, militaries, think tanks, financial firms, human rights organizations and universities across the world. Such method includes password spray, spearphishing, exploiting internet-connected devices and the use of both open-source and custom malware. “We’ve previously announced separate Strontium activity we’ve seen targeting organizations involved in the democratic process and have described the legal steps we routinely take to prevent Strontium from using fake Microsoft internet domains to execute its attacks.”, the report reads. Strontium previously attacked anti-doping and sporting organizations, in 2016 and 2018 penetrating various valuable assets, including the World Anti-Doping Agency (WADA). The hackers has been able access the database of WADA and released medical records and emails for U.S. Olympic athlete Simone Biles and tennis stars Serena Williams and Rafael Nadal.

The time of the recent attack also coincide with an warning from WADA, the Russia may face a worldwide sports ban over discrepancies in a lab database. A WADA spokesperson refused any recent breach on WADA’s System. According to WADA “WADA takes the issue of cyber-security extremely seriously. As a matter of course, the Agency closely and continually monitors all its systems, regularly updating and strengthening its defences – both in terms of technological advancements and by ensuring our users are aware of and properly educated regarding security.”

Fancy Bear/Strontium is also linked to Russia by US government which accused the group for election season hacking and disinformation campaign during 2016 presidential election. The group has also been linked to hacking and disinformation attacks during the French and German presidential elections in 2017. In an earlier report Microsoft warned that Strontium was targeting journalists, non-governmental organizations, think-tanks and other members of civil society to influence the May elections for European Parliament. Microsoft’sTom Burt argued all users to activate two factor authentication for their business and personal email accounts, enable security alerts about links and files from suspicious websites and learn how to detect phishing schemes to stay protected from such attacks.