The Microsoft Threat Intelligence Center has recently tracked significant cyberattacks originating from a group the company calls Strontium, also known as Fancy Bear/APT28, targeting anti-doping authorities and sporting organizations around the world.
Microsoft's security researchers said that at least 16 national and international sporting and anti-doping organizations across three continents were targeted in these attacks which began September 16th, just before news reports about new potential action being taken by the World Anti-Doping Agency. Microsoft said that some of these attacks were successful, but the majority were not. Microsoft has notified all customers targeted in these attacks.
The hacker group, has been linked to the Russian government, Microsoft said.
This is not the first time Strontium has targeted such organizations. The group reportedly released medical records and emails taken from sporting organizations and anti-doping officials in 2016 and 2018, resulting in a 2018 indictment in federal court in the United States.
Strontium’s methods include spear-phishing, password spray, exploiting internet-connected devices and the use of both open-source and custom malware.
Microsoft previously announced separate Strontium activity we’ve seen targeting organizations involved in the democratic process and has taken legal steps to prevent Strontium from using fake Microsoft internet domains to execute its attacks.
You can protect yourself from these types of attacks in at least three ways. Microsoft recommends, first, that you enable two-factor authentication on all business and personal email accounts. Second, learn how to spot phishing schemes and protect yourself from them. Third, enable security alerts about links and files from suspicious websites.