Russia global sports hacking paralleled US election meddling – indictment
WASHINGTON: The very day in July 2016 that the World Anti-Doping Agency published a devastating report showing how Russia systematically covered up doping by the country’s athletes, Moscow’s cyber army allegedly went on the attack.
According to a US indictment unveiled Thursday, hackers from the GRU military intelligence agency began probing for vulnerabilities at the Montreal-based WADA, whose report recommended that the Russian team be banned from the Rio Summer Olympics.
The result was a cyber debacle that paralleled the Russian hack of the US 2016 elections, with the leak of information on drug tests and drug use by hundreds of the world’s top athletes, including tennis’s Serena and Venus Williams, gymnast Simone Biles, and cyclist Chris Froome.
The US Justice Department indictment of seven GRU hackers details just how far Moscow allegedly went in 2016 to avenge the global sporting world’s sanctions.
On July 26, the International Olympic Committee executive board told individual sports federations to take their own action over the doping. The result was 111 Russian athletes were blocked from joining the Rio games.
One day later, the GRU hackers hit WADA’s website with a crippling “distributed denial of service” attack, kicking off what would become a year-long assault on global sporting bodies, according to the indictment.
They deployed phishing and spoofing attacks, injected malware into target computers, and tapped public WiFi systems to steal the login credentials and email access of officials not just of the IOC and WADA, but also FIFA, the international football federation, the International Association of Athletics Federations (IAAF), the US Anti-Doping Agency (USADA), the Canadian Centre for Ethics in Sport (CCES), and the Court of Arbitration for Sport.
Within two weeks of the IOC action, GRU intelligence officers had tricked WADA employees into giving up their logins and passwords to internal communications and WADA’s computer system.
Their main ruse was a spearphishing email they sent to employees in the name of the WADA chief technology officer, asking them to click on a link.
In Rio for the Olympics, two GRU operatives hacked into the WiFi systems of hotels where key officials of the IOC, WADA, CAS, and USADA stayed, the indictment said. - AFP