MICROSOFT HAS TRACKED a series of cyberattacks heralding from Russia that it warns could derail the Tokyo 2020 Olympics.
Microsoft has tracked "significant" cyberattacks against sports authorities and anti-doping agencies, the tech giant announced Monday. The group, called Strontium, Fancy Bear or APT28, could impact the Tokyo 2020 Olympic Games, Microsoft warned.
The attacks, some of which were successful, were carried out by the hacking group known Strontium, Fancy Bear or APT28 and have so-far targeted at least 16 sporting and anti-doping agencies since they began on 16 September.
Microsoft says it has notified all of its customers that were targeted, adding that individuals and organisations can protect themselves from such attacks "in at least three ways". It's recommending that firms enable two-factor authentication, learn the warning signs of a phishing attack, and enable security alerts about links and files from suspicious websites'.
Microsoft detected the latest round of cyber attacks just before several news reports claimed that the World Anti-Doping Agency (WADA) could take action against Russia over manipulation of data provided to the agency by the country.
Recently, a WADA team found some inconsistencies between a data set sent by a whistleblower in 2017 and the data Russian officials submitted last January. The team also observed the removal of a failed drug test from the Russian data set. In September, WADA gave Russian officials three weeks to explain the discrepancies.
Strontium, which Microsoft has accused of carrying out the latest attacks, is one of the most notorious and oldest cyberespionage groups in the world. It has targeted numerous government agencies, militaries, law firms, think-tanks, financial firms and human rights organisations in the past year.
It uses a variety of techniques, including password spray, spear-phishing and the use of custom and open-source malware and internet-connected devices to execute attacks. Microsoft believes the group has ties with the Russian government.
Earlier in 2016 and 2018, Strontium reportedly released emails and medical records on Olympic athletes, stolen from anti-doping officials and sporting organisations. Those attacks occurred amid mounting criticism of Russia for its state-sponsored doping programme and resulted in the indictment of seven Russian intelligence officers in a US federal court last year.
Microsoft has taken legal steps in the past to prevent Strontium from using fake Microsoft internet domains to carry out its attacks.
AI want to break free
Not making friends, but influencing people
But eager game streaming beavers will have to wait until 2020
No sex please, we're priggish