Russian Hackers Targeting Anti-Doping Agencies Ahead of 2020 Tokyo Olympics #Cybersecuirty - The Entrepreneurial Way with A.I.

Breaking

Tuesday, October 29, 2019

Russian Hackers Targeting Anti-Doping Agencies Ahead of 2020 Tokyo Olympics #Cybersecuirty

#HackerNews

As Japan gears up for the upcoming 2020 Summer Olympics in Tokyo for the next year, the country needs to brace itself for sophisticated cyberattacks, especially from state-sponsored hackers.

Microsoft has issued a short notice, warning about a new wave of highly targeted cyberattacks by a group of Russian state-sponsored hackers attempting to hack over a dozen anti-doping authorities and sporting organizations around the world.

The attacks are originating from the 'Strontium' Russian hacking group, widely known as

Fancy Bear

or APT28, and are believed to be linked to the upcoming 2020 Summer Olympics in Tokyo.

The Fancy Bear hacking group, also known as APT28, Sofacy,

X-agent

,

Sednit

,

Sandworm

, and Pawn Storm, is believed to be linked to Russian military intelligence agency GRU and has been in operation since at least 2007.

Over these past three decades, the group has been credited to many high profile hacking incidents, like hacking the

US presidential elections

to influence the results, targeting a country with

NotPetya ransomware

, causing

blackouts in the Ukrainian

capital Kiev, and Pentagon breach.

The latest cyberattacks began on September 16, apparently after the World Anti-Doping Agency (WADA) found irregularities in a database from Russia's national anti-doping laboratory, warning that Russian athletes

could face a ban

from competing at Tokyo 2020 Summer Olympics.

Microsoft's Threat Intelligence Center

said

that some of these "significant cyberattacks" were successful, but the majority were not, and that the company notified affected organisations and worked with some of them to "secure compromised accounts or systems."

Microsoft confirmed the Fancy Bear hacking group targeted at least 16 national and international sporting and anti-doping organizations across three continents, but it did not disclose their identity.

The hacking techniques used by Fancy Bear in the latest campaign involves "spear-phishing, password spray, exploiting internet-connected devices, and the use of both open-source and custom malware."

Though these techniques are very well-known and not new, they were evidently proven very effective in previous cyber attacks by Fancy Bear against "governments, militaries, think tanks, law firms, human rights organizations, financial firms and universities around the world."

For example, when the victim opens the malicious document attached to an email, the exploit automatically executes some PowerShell scripts in the background and installs malware over the victim's computer, giving attackers full remote control over it.

This is not the first time when Fancy Bear hackers have targeted anti-doping organisations.

Fancy Bear

leaked confidential athlete data

from the World Anti-Doping Agency (WADA) in retaliation against the agency in 2016 when it took similar action against Russian athletes during the Rio 2016 Games Summer Olympics.

The hacking group has also been accused of conducting similar state-sponsored attacks during the

Pyeongchang 2018 Winter Olympics

held in South Korea when used the "

Olympic Destroyer

" wiper malware to disrupt the Winter Games' official network.

Though the malware did not disrupt the live feed during the opening ceremony, it was successful in disrupting the official website for the Winter Games for 12 hours, collapsing Wi-Fi in the Pyeongchang Olympic stadium, and failing televisions and internet at the main press center, leaving attendees unable to print their tickets for events or get venue information.





Security

via https://www.aiupnow.com

noreply@blogger.com (Swati Khandelwal), Khareem Sudlow