By Nicole Perlroth and Tariq Panja
Russian state hackers attacked the computer networks of at least 16 national and international sports and anti-doping organizations, Microsoft said Monday. The attacks are the latest in a series of brazen Russian cyberattacks on foreign politicians, sporting officials and anti-doping regulators.
The attacks were timed as the World Anti-Doping Agency deals with the continued fallout from the 2015 Russian doping scandal, which snowballed in recent months after WADA officials discovered that Russian athletes’ failed drug tests had been erased from a critical data set.
According to Microsoft, which helps protect some of the agencies from cyberattacks, the Russian attacks began Sept. 16, just days before WADA announced Russia might face further punishment for inconsistencies in its drug testing data. Microsoft did not name victims of the cyberattacks, but confirmed that some of the Russian attacks were successful.
The company traced the attacks to a group of notorious Russian state-backed hackers known by the alias Fancy Bear. The group is one of two Russian government groups responsible for the 2016 hack of the Democratic National Committee, as well as previous cyberattacks on sports and anti-doping officials between 2014 and 2018. The attacks resulted in the 2018 indictment of seven Russian intelligence officers accused of hacking sports and anti-doping officials, as well as spreading personal emails belonging to antidoping officials and the private medical records of Western athletes. The hacks occurred amid mounting criticism of Russia for its yearslong, state-sponsored doping program.
The latest Russian cyberattacks could factor into WADA’s decision whether or not to punish Russia for possibly manipulating data at the center of the 2015 doping scandal. Russia’s promise to turn over the data set was key to WADA’s decision to lift a ban on Russia’s antidoping agency in late 2018. That determination ended a three-year suspension of Russia’s anti-doping agency that had been imposed after the discovery of one of the most brazen cheating schemes in history, one that corrupted a number of major international sporting events, including several Olympics. As a result of the scandal, Russian athletes were barred from competing under their country’s flag at the 2018 Winter Games in Pyeongchang, South Korea.
In recent months, a WADA investigative team discovered inconsistencies between a data set it received from a whistleblower in 2017 and data submitted by Russian officials last January. Failed drug tests had been deleted from the Russian data set. Last month, WADA officials gave the Russians three weeks to explain the discrepancies. WADA has yet to determine whether it will accept Russia’s explanations.
A WADA spokesman said it was aware of Microsoft’s disclosures Monday but said there was no evidence the agency’s systems were breached in the attack.
Travis Tygart, the chief executive of the U.S. Anti-Doping Agency, said his organization sustained what seemed to be a deliberate brute force password attack in early October. “Nothing penetrated and we were in contact with all our community,” Tygart said Monday. He called the Fancy Bear attacks the “new normal.”
Yury Ganus, the head of Russia’s anti-doping agency, said Monday that he had not been informed of any cyberattacks. Ganus told The New York Times earlier this month that he suspected Russian authorities were monitoring his phone calls and messages after he publicly claimed thousands of changes had been made to an athlete database to cover up failed drug tests. Ganus said the data issue “is the most critical since this doping crisis began.”
Any punishment in the new WADA investigation could include the banning of Russian athletes from major international sports events.