US warns of Russian cyber threat
A US-based cybersecurity firm said it has found early indications that Russian hackers may be planning attacks against anti-doping agencies in retaliation for Russia’s exclusion from next month’s Winter Olympic Games.
Researchers from ThreatConnect Inc said that within the past month, unknown people had registered three web domains that mimic those of the World AntiDoping Agency, the US AntiDoping Agency and the Olympic Council of Asia. The moves bore similarities to the methods that a Russian hacking group known as Fancy Bear used in the past, the cybersecurity firm said in a report.
Fancy Bear was blamed for an Olympics-related hack in 2016, when the World Anti-Doping Agency said the group was responsible for stealing and publishing confidential medical information about Olympic athletes.
The International Olympic Committee (IOC) and the Russian embassy in Washington did not immediately respond to requests for comment.
ThreatConnect said there was no evidence that hackers had used the web domains maliciously, but that the domains could provide the building blocks for future attacks.
Domains that imitate legitimate websites are a common tactic employed by hackers for various types of attacks, such as gaining access to email accounts. The imitation domains “raise the question of a broader campaign against the upcoming 2018 Winter Games,” ThreatConnect said.
The Games in PyeongChang, South Korea, are expected to draw worldwide attention, making the event a potentially valuable target for hackers amid a politicallycharged atmosphere.
The IOC last month banned the Russian national team from the Winter Games for what it called “unprecedented systematic manipulation” of the anti-doping system, although it allowed Russian athletes with a clean history of to compete under a neutral flag.