SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
AI Security
#
AI
#
Cyber attacks
Russian hackers steal Olympic athletes data: Insights and advice from Webroot
Thu, 15th Sep 2016
FYI, this story is more than a year old
By Ashton Young, Editor
Follow us

Unless you've been living under a rock, you'd most likely be aware of the recent hacking of the World Anti-Doping Agency (WADA).

Said to originate from Russia, the group known as Fancy Bear revealed it had stolen information about a number of Olympic athletes, including US tennis sisters Serena and Venus Williams and the high-flying gymnast Simone Biles.

On the Fancy Bear site, the cyber criminals posted that they believe in fair play and clean sport.

"We are going to tell you how Olympic medals are won. We hacked World Anti-Doping Agency databases and we were shocked with what we saw," the website said.

WADA director-general, Olivier Niggli labelled the cyber-crime cowardly and despicable.

"WADA condemns these ongoing cyber-attacks that are being carried out in an attempt to undermine WADA and the global anti-doping system," Niggli says.

According to WADA, the Fancy Bear group is believed to have gained access to its administration and management system via an International Olympic Committee-created account for the Rio games.

With this recent attack, it's clear that nobody is safe from cyber-crime, no matter how big you may be.

Director of Threat Research at Webroot, David Kennerly affirms that this is a classic example of cyber-criminal craft.

“This attack demonstrates that the humble phishing scam continues to thrive as one of the most effective attack vectors, and is yet another example of the need for strong and continuous communication between organisations and their employees,” Kennerly says. “User education should never be underestimated – it's arguably the most cost-effective approach to improving the security posture of any organisation.

Despite the number of cyber attacks every day, many businesses are still unaware of the huge and constant risks – as the WADA example illustrates.

“Employees and users of an enterprise's IT systems must be educated on the risks associated with phishing, with regular training and testing essential to ensure robust security,” Kennerly says. “Fundamentally, organisations must realise that cybercriminals only need to find one hole in the defences to do serious damage, whereas security professionals have to secure against all eventualities, including phishing.

It's certainly an interesting case and one can only hope that other businesses will learn from it.

Related stories
Trustifi launches innovative phishing detection training for MSPs
Bugcrowd launches AI bias assessment for secure LLM application use
First-party data collection prioritised due to privacy laws
MotivationWorks upgrades cybersecurity with Radware
92% of global PCs ill-equipped for modern AI, warns Absolute Security
Top stories
i-PRO to support Genetec SaaS with new AI-enabled camera models
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
RiverSafe teams up with Cribl to boost IT & data security services
Business leaders anxious over data security – report
Half of online traffic in 2024 generated by bots, report finds