Say it Ain't So! Serena & Venus Williams, Simone Biles, Compromised in Cyber Hack of WADA

Posted by Greg Mancusi-Ungaro

Wed, Sep 14, 2016


Vendetta?  Absolutely.

Yesterday, WADA, the World Anti-Doping Agency, was forced to issue an official statement following the disclosure of personal medical information of three top American Olympians: tennis stars Serena Williams and Venus Williams and gymnastics all-around winner Simone Biles. It's terrible news for the athletes, for WADA, and for the Olympics. According to the leaked information, all three American athletes were taking banned substances -- under approved Therapeutic Use Exemptions -- during the Rio Games. Here is what WADA said:

While it is an evolving situation, at present, we believe that access to ADAMS [WADA's internal administrative system] was obtained through spear phishing of email accounts; whereby, ADAMS passwords were obtained enabling access to ADAMS account information confined to the Rio 2016 Games. At present, we have no reason to believe that other ADAMS data has been compromised.

Ugh. It's going to be a long few weeks at WADA.

The consensus opinion in the fast-developing story is that the attack was masterminded by the threat actor/group known as Anonymous Fancy Bear. This is the very same Russian cyber espionage/hacking group that is credited with last spring's hacking of the Democratic National Committee email server. It appears that the group is tightly linked to Russian government agencies, creating the possibility that this is state-sponsored work.

It seems clear that Fancy Bear is engaged in a revenge attack on the USOC and those who participated in the exposure of systematic Russian state-sponsored doping programs that eventually led to the banning of many Russian athletes from the Rio Olympics and the total ban of the Russian team from the Paralympics. In early August, an initial attack was made against Yulia Stepanova, the Russian athlete who was one of the whistle-blowers in the doping investigation. Stepanova's personal WADA account was hacked and personal files, including her address, were revealed. Fearful for her safety, she and her family have since moved to an undisclosed location. Now, with the attack shifting to top American athletes, the stakes are ratcheting up even more. Whether or not the drugs were authorized, the reputation damage to these individuals, to the USOC, and to the United States is incalculable.

Unfortunately, the drama is not nearly over. Fancy Bear wrote: “This is just the tip of the iceberg. Today’s sport is truly contaminated while the world is unaware of the large number of American doping athletes.”

Once again, a targeted email, most likely a socially engineered one originating from a copycat email domain, convinced an employee to provide or reveal a password to a sensitive internal administrative system. Once the hackers had access to the system, they were able to access private records and accounts. And once again, the hackers are able to dictate their terms, leaking the information when it suits them and when it will have the maximum disruptive effect.

Clearly, the athletes who have been exposed by this action are among the most well-known individuals in the world. That's what makes it headline news. But even when the targets are not public figures, it is never good when malevolent third parties have access to secret information about your company or personal information about your executives. They can use that information to quietly extort money or put other kinds of pressure on key personnel.

It is likely that this story is being discussed in C-suites everywhere.  In fact, don't be surprised if you get a call asking about your enterprise's security preparations and safeguards against this kind of attack. 

How will you answer?

These four actions are critical: 

The fallout from today's WADA leaks will take months, or even years to settle. It is a bad situation that will stay bad for a long time. CISOs, take steps today to make sure that your enterprise or institution is not on the wrong side of the next spear phishing scandal.

 


Topics: data breach, Spear Phishing, BEC Attacks, Social Engineering, External Threat
