Last updated: 26 January 2018
Fancy Bear has leaked what it asserts are documents stolen from the International Luge Federation (ILF) two weeks ahead of the 2018 Winter Olympics.
On 24 January, the digital espionage group posted a statement explaining its motivation for conducting what it calls “OpOlympics”:
Fancy Bears’ Hack Team has repeatedly reported anti-doping rules violations in summer sports. Today, prior to the Olympic Games in Pyeongchang we decided to call your attention to winter sports that have the same doping-related problems as track and field or football. The obtained documents of the International Luge Federation (FIL) show the violations of the principles of fair play: widespread TUE approvals, missed anti-doping tests and the double standards approach towards guilty athletes.
The threat actor goes on to note how the leaked documents allegedly demonstrate an “institutional conspiracy by… national sports federations” as well as “repeated problems with doping sample bottles.”
This isn’t the first time that Fancy Bear, to which security firm CrowdStrike has attributed the 2016 hack of the U.S. Democratic National Committee (DNC), has targeted athletic organizations in the name of revealing “anti-doping rules violations.” In September 2016, the group infiltrated the World Anti-Doping Agency (WADA) and published private documents concerning athletes whom the Agency has previously evaluated. The data dump followed on the heels of WADA’s recommendation that Russian athletes be banned from the 2016 Rio Olympics over state-sponsored doping practices.
Jason Hart, CTO of Data Protection at Gemalto, is familiar with the 2016 incident along with the fact that WADA found inconsistencies between the data illicitly published by Fancy Bear and the information stored in its Anti-Doping Administration and Management System (ADAMS). For that reason, he is skeptical about the veracity of the documents that Fancy Bear claims to have stolen from the ILF:
Much like Fancy Bears’ hack of the World Anti-Doping Agency’s (WADA) website last year, these documents need to be taken with a pinch of salt, as the hacking group has a history of changing the data they steal to suit their own purposes. This data manipulation poses an arguably greater threat to organizations than simple data theft, as it can allow hackers to alter anything from stock or sales numbers and in this case, potentially the reputations of innocent athletes.
It’s important to note that organizations also make business decisions based on data. As a result, if someone compromises or changes this information, a company could potentially act in a manner that contradicts its interests and/or threatens its continuing viability.
Acknowledging the risks posed by data manipulation, organizations need to conduct a data risk assessment to identify their key data by department and division and determine the risks of what would happen if someone compromised or altered that information. They should then use that assessment to take extra care in protecting the integrity of their most valued data. This process necessitates a two-pronged approach: the application of security controls such as encryption, key management and two-factor authentication (2FA), as well as training of their workforce.
Learn how Gemalto’s solutions can protect your organization against a data manipulation incident.