Story image

Russian hackers steal Olympic athletes data: Insights and advice from Webroot

15 Sep 16

Unless you’ve been living under a rock, you’d most likely be aware of the recent hacking of the World Anti-Doping Agency (WADA).

Said to originate from Russia, the group known as Fancy Bear revealed it had stolen information about a number of Olympic athletes, including US tennis sisters Serena and Venus Williams and the high-flying gymnast Simone Biles.

On the Fancy Bear site, the cyber criminals posted that they believe in fair play and clean sport.

"We are going to tell you how Olympic medals are won. We hacked World Anti-Doping Agency databases and we were shocked with what we saw," the website said.

WADA director-general, Olivier Niggli labelled the cyber-crime cowardly and despicable.

"WADA condemns these ongoing cyber-attacks that are being carried out in an attempt to undermine WADA and the global anti-doping system," Niggli says.

According to WADA, the Fancy Bear group is believed to have gained access to its administration and management system via an International Olympic Committee-created account for the Rio games.

With this recent attack, it’s clear that nobody is safe from cyber-crime, no matter how big you may be.

Director of Threat Research at Webroot, David Kennerly affirms that this is a classic example of cyber-criminal craft.

“This attack demonstrates that the humble phishing scam continues to thrive as one of the most effective attack vectors, and is yet another example of the need for strong and continuous communication between organisations and their employees,” Kennerly says. “User education should never be underestimated – it’s arguably the most cost-effective approach to improving the security posture of any organisation.”

Despite the number of cyber attacks every day, many businesses are still unaware of the huge and constant risks – as the WADA example illustrates.

“Employees and users of an enterprise’s IT systems must be educated on the risks associated with phishing, with regular training and testing essential to ensure robust security,” Kennerly says. “Fundamentally, organisations must realise that cybercriminals only need to find one hole in the defences to do serious damage, whereas security professionals have to secure against all eventualities, including phishing.”

It’s certainly an interesting case and one can only hope that other businesses will learn from it.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.