In particular, the attacks come from Russia hacking club "Strontium, Which is also known as Fancy Bear ή APT28. Experts believe the attacks are linked to the upcoming Tokyo Olympic Games.
This hacking team is affiliated with the Russian military agency information GRU and has been active for many years.
Security experts have linked hackers to many attacks, such as interfering with US presidential elections, the attacks on Kiev with the ransomware NotPetya et al.
The attacks began on 16 September. Not long ago, the World Anti-Doping Agency (WADA) had detected irregularities in a database from its national anti-doping laboratory. Ρωσίας and wanted to ban Russian athletes from participating in the Tokyo Olympics. Then the attacks began.
Microsoft said some of these attacks were successful. The company briefed the organizations and worked with them to help them to protect them systems their.
16 sports organizations and anti-doping organizations targeted hackers
Microsoft has confirmed that the hacking team Fancy Bear was attacked at least 16 national and international sports and anti-doping organizations worldwide. However, the company did not provide their names.
Hackers used his techniques spear-phishing and password spray and installed malware in order to achieve their goals.
These techniques are well known and have been used by these hackers in many attacks against "governments, troops, organizations, law firms, organizations for protection human rights, financial corporations and universities around the world. "
Fancy Bear has targeted other Olympic events in the past
Fancy Bear has targeted anti-doping organizations at other times.
2016 the WADA organization had again banned Russian athletes. After that, Fancy Bear breached the organization's systems and leaked confidential data athletes.
The malware affected the official site of the Games for 12 hours and as a result could not receive information and print tickets.
Microsoft warns all businesses and organizations about the risk of hacking the Fancy Bear team and advises them to take protective measures, such as:
- Use two-factor authentication in all accounts e-mail
- Use security alerts to detect suspicious files and links
- Training of officers to detect phishing attacks
How useful was this post?
Average rating 5 / 5. Vote count: 1