In Wake of Russia Ban, Fancy Bear Tries to Discredit the Olympics...Again

The Fancy Bear state-sponsored Russian hacking group is attempting to discredit the Olympics again, releasing dozens of emails purported to be stolen from antidoping officials at the International Olympic Committee (IOC), the United States Olympic Committee and various third-party groups.

Separately, ThreatConnect has identified spoofed domains imitating the World Anti-Doping Agency (WADA), the US Anti-Doping Agency (USADA), and the Olympic Council of Asia (OCASIA).

“These suspicious domains have consistencies with other previously identified Fancy Bear infrastructures and raise the question of a broader campaign against the upcoming 2018 Winter Games,” the firm said.

The supposed email leak comes just weeks after Russia's official ban from the 2018 Winter Olympics in Pyeongchang, South Korea, for widespread, systematic doping. The emails are from the end of 2016 to the spring of 2017, and they concern the investigation into said doping on the part of Russian athletes, with the apparent purpose of discrediting the IOC’s efforts as purely politically motivated and meant to marginalize the Russian state.

For instance, in one message published by the New York Times purporting to be from IOC lawyer Howard Stupp, Stupp complains that lead investigator Richard McLaren issued his damning reports without discussing the findings with sports officials.

“It seems that RM’s first report was intended to lead to the complete expulsion of the Russian team from the Rio Games,” the email reads. “And the second report? To expulse the Russian team from the Pyeongchang Games? This put the a very difficult position.”

The group, sometimes known in a pluralized form as Fancy Bears, issued the mails with the declaration that “the Europeans and the Anglo-Saxons are fighting for power and cash in the sports world.”

The claims of injustice are thus far falling on deaf ears among Olympics officials, who also seem unconcerned about the content of the emails. It’s unclear if the emails are legitimate – Russian hackers have a history of inserting false material into what they claim is original.

"The Fancy Bears are a criminal organization which seeks to undermine the work of WADA and its partners," World Anti-Doping Agency (WADA) spokesperson Maggie Durand told WIRED. "Everything that they have posted today is dated."

This is not the first time that the group has retaliated over doping charges. In 2016, it hacked the WADA database after the IOC’s decision to recommend a ban on all Russian athletes at the Rio Games and subsequently leaked confidential medical information for US Olympic gymnastics star Simone Biles, tennis champions Serena William and Rafael Nadal, golfer Justin Rose and Britain’s Olympic gold medalist in track and field, Mo Farah.

The records did not show the use of any performance-enhancing drugs; rather, they detailed "Therapeutic Use Exemptions” (TUEs), which allow the use of banned substances due to athletes' verified medical needs. For instance, they suggested Biles has ADHD and takes medication for that and that Williams was treated with corticosteroids for injuries.

As the USADA explains on its website: “The TUE application process is thorough and designed to balance the need to provide athletes access to critical medication while protecting the rights of clean athletes to compete on a level playing field.” 

What’s Hot on Infosecurity Magazine?