According to The New York Times, Russian state hackers attacked the computer networks of at least 16 national and international sports and anti-doping organizations. The Times cited Microsoft as confirming the attacks were committed by state hackers. The attacks are the latest in a series of brazen Russian cyber attacks on foreign politicians, sporting officials, and anti-doping regulators.
The hacks were timed as the World Anti-Doping Agency deals with the continued fallout from the 2015 Russian doping scandal, which caused many of its Olympic athletes to face a ban from the Games, while the country was excluded from taking part at the Rio 2016 Paralympic Games.
Russia was reinstated as compliant earlier in February of this year, although they may face yet another Games ban after WADA officials discovered that Russian athletes’ failed drug tests had been erased from a critical data set.
According to Microsoft, which helps protect some of the agencies from cyberattacks, the Russian attacks began Sept. 16, just days before WADA announced Russia might face further punishment for inconsistencies in its drug testing data. While Microsoft did not name victims of the cyberattacks, it did confirm that some of the Russian attacks were successful.
The company traced the attacks to a group of notorious Russian state-backed hackers known by the alias Fancy Bear. The group is one of two Russian government groups responsible for the 2016 hack of the Democratic National Committee, as well as previous cyberattacks on sports and antidoping officials between 2014 and 2018.
The attacks resulted in the 2018 indictment of seven Russian intelligence officers accused of hacking sports and anti-doping officials, as well as spreading personal emails belonging to antidoping officials and the private medical records of Western athletes. The hacks occurred amid mounting criticism of Russia for its yearslong, state-sponsored doping program.
The latest Russian cyberattacks could factor into WADA’s decision whether or not to punish Russia for possibly manipulating data at the center of the 2015 doping scandal. Russia’s promise to turn over the data set was key to WADA’s decision to lift a ban on Russia’s anti-doping agency in late 2018.
In response to these attacks, WADA notes the warning issued by Microsoft and can confirm there is no
evidence of any breach of WADA’s systems has occurred.
“WADA takes the issue of cyber-security extremely seriously. The agency closely and continually monitors all its systems, regularly updating and strengthening its defenses – both in terms of technological advancements and by ensuring our users are aware of and properly educated regarding security,” said WADA’s Senior Media and Communications Manager James Fitzgerald.
That determination ended a three-year suspension of Russia’s anti-doping agency that had been imposed after the discovery of one of the most brazen cheating schemes in history, one that corrupted a number of major international sporting events, including several Olympics. As a result of the scandal, Russian athletes were barred from competing under their country’s flag at the 2018 Winter Games in Pyeongchang, South Korea.
In recent months, a WADA investigative team discovered inconsistencies between a data set it received from a whistle-blower in 2017 and data submitted by Russian officials last January. Failed drug tests had been deleted from the Russian data set. Last month, WADA officials gave the Russians three weeks to explain the discrepancies. WADA has yet to determine whether it will accept Russia’s explanations.
Yuri Ganus, the head of the Russian anti-doping agency, said earlier this month that Russia doctored “thousands” of samples, and he says the data could have been manipulated to protect the reputations of star athletes who now hold key government or sport administration positions. Ganus also said that manipulation of the data could only be done by people with access to some of Russia’s most powerful institutions.
Ganus was the official who last December publicly called on Vladimir Putin to turn over data from the Moscow lab out of concern that Russian athletes would be suspended from international competition if the deadline were missed.
Russia is now in a race against time with less than a year to go until the Tokyo 2020 Olympic and Paralympic Games.
Correction: there was no breach of WADA’s systems in these attacks reported by Microsoft. The headline has been modified accordingly.