The Olympic Games are not usually an occasion for espionage and cyber attack. However, the attack on the World Anti-Doping Agency (WADA) showed what a dedicated adversary could do with the massive amounts of data they obtained from such an event.
First Published 14th September 2016
Citius, Altius, Fortius.
4 min read | Reflare Research Team
The World Anti-Doping Agency (WADA) this week confirmed that one of its databases containing drug-testing results had been compromised. It blamed the hack on groups associated with the Russian Government.
Data acquired in the hack was subsequently leaked.
It showed the results of doping tests and so-called “use-exemptions” - the allowed use of restricted substances by athletes for medical reasons. Russia is implicated in the hack as several Russian athletes were disqualified from the Rio Olympics after a state-sponsored doping operation was uncovered and thus a motive for revenge exists.
We have covered the use of cyberattacks against soft targets to damage hard targets in previous weeks. This attack is similar but targets a country’s soft power instead. By attacking sports organizations, potentially incriminating information about a country’s athletes and sports federations can be uncovered which can then be used to discredit them.
As sports teams project soft power, discrediting them can indirectly weaken the influence a country projects globally.
The same kind of attacks can be performed against other sources of soft power such as movie studios, actors, musicians, painters, writers and all other kinds of artists, performers and athletes.
The impact of such attacks is extremely hard to measure. In this case, WADA was hacked using Spear-Phishing attacks.
In Spear-Phishing, members of the organization are carefully monitored to gather as much information as possible about them. An email is then sent that is tailored towards making them specifically perform some action that will allow the attackers to take over the network.
This may mean visiting a malicious website, executing a malicious file or simply making changes to network configurations. Since the attacks are targeted and purposefully refer to people, projects or facts the victim knows, they are much harder to spot and prevent than regular Phishing attacks.
The fallout from the current leak remains to be seen.
While it is hard to predict future hacks, a trend of soft targets being hacked in order to damage governmental actors is apparent. We advise any organization holding hard or soft connections to any government to exercise additional care in the coming weeks as the attack patterns continue to emerge.
We further advise organizations to educate their staff about Spear Phishing attacks and establish a policy that rewards the reporting of suspicious emails.