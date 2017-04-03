THE APT28 THREAT GROUP from straight outta Russia has wreaked some havoc on the International Association of Athletics Federations (IAAF) and might have breached some information about some of the kinds of tests that these sporty types take.

The IAAF is straight out of the blocks with a message on this. It's probably more for the media that members, but hey, who are we to judge? We think athletics is mixing cocktails.

"The IAAF has been a victim of a cyber attack which it believes has compromised athletes' Therapeutic Use Exemption (TUE) applications stored on IAAF servers.

"The attack by Fancy Bear, also known as APT28, was detected during a proactive investigation carried out by cyber incident response (CIR) firm Context Information Security, who were contacted by IAAF at the beginning of January to undertake a technical investigation across IAAF systems," it says.

"The presence of unauthorised remote access to the IAAF network by the attackers was noted on 21 February where meta data on athlete TUEs was collected from a file server and stored in a newly created file. It is not known if this information was subsequently stolen from the network, but it does give a strong indication of the attackers' interest and intent, and shows they had access and means to obtain content from this file at will."

Jeez, sounds like a gold medal worthy attack. The IAAF probably won't be giving out any gongs, though, and has already called in the kinds of people who could sort this whole mess out for them.

"Over the past month the IAAF has consulted the UK National Cyber Security Centre (NCSC) and the Agence Monégasque de Sécurité Numérique (Monaco AMSN) and worked with Context to carry out a complex remediation across all systems and servers in order to remove the attackers' access to the network," it explained. "This was carried out and completed over the weekend."

Athletes, in case you were wondering, have already been advised about the issue and the test data and ars advised that if any contact has passed them by then they should contact the IAAF direct. That makes a lot of sense, because after all, the IAAF is all about those athletes.

"Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential," said IAAF President Sebastian Coe.

"They have our sincerest apologies and our total commitment to continue to do everything in our power to remedy the situation and work with the world's best organisations to create as safe an environment as we can."

Start running Seb because according to the security community Fancy Bear is a massive pain in the arse and it will continue to hit each, any and every target that it can.

"We're once again reminded that threat actors will target both the public and private sector, and everyone, even global sporting bodies, can be vulnerable to these style of attacks. This style of attack reminds us that "data aware" technologies are key in helping to prevent sensitive data from being copied, moved or deleted without approval or permission. This means that, even if a sophisticated hacker manages to breach the network, they are prevented from removing, altering or destroying key information without the required permissions," said Thomas Fischer, security advocate and threat researcher at Digital Guardian.

"Cyber groups like Fancy Bear have an arsenal of tools at their disposal to break down the doors of a network, but that doesn't mean they should be able to walk out with the crown jewels under their arm. Keeping data safe doesn't take a huge investment, it just takes a smart one. Let's hope this is the final reminder to governing bodies of the importance of protecting data." µ