The Microsoft Threat Intelligence Center recently discovered that a well-known hacking group, Fancy Bear, is targeting anti-doping and sporting organizations around the world.
According to a recent report by Microsoft’s researchers, it would appear that the infamous hacking group known as Fancy Bear (a.k.a. Strontium/APT28) may have started another campaign. This time, the group is targeting the world’s sporting organizations and anti-doping authorities.
With 2020 approaching, people around the globe are anticipating Tokyo Summer Games, which might be impacted by the hackers’ activity. So far, at least 16 different anti-doping and sporting organizations have been targeted.
Researchers believe that attacks started earlier this year on September 16th. Since then, there were numerous attacks, some of which have been successful. Fortunately, researchers think that the majority of attacks had failed. Since noticing the new campaign, Microsoft has done its utmost to notify the affected organizations and work with them on securing their systems.
As for Fancy Bear, this not the first time that the group has attempted to influence such organizations. Back in 2016 and 2018, the group supposedly released emails and medical records that were previously stolen from anti-doping and sporting agencies, which led to the indictment in the US federal court in 2018.
The new wave of attacks uses very similar methods to those that are regularly used by this group. The same methods were used in the past for targeting many other organizations, such as human rights groups, financial companies, law firms, think tanks, universities, and even militaries and governments. Hackers often resort to spear-phishing exploiting devices connected to the internet, and alike.
Earlier this year, the group was also reportedly targeting organizations connected to the democratic process. Researchers have had a lot of examples of how the group operates and gathering this data led to the improvement of security features that Microsoft’s services and products have to offer.
Microsoft also stresses out how important it is for governments, as well as the private sector, to recognize the threat and increase transparency regarding nation-state activities. The company ended its announcement by recommending security measures such as two-factor authentication, enabling security alerts, and researching phishing schemes and how to stop them.
What do you think about Fancy Bear’s new campaign? Are you worried about becoming a victim of a phishing attack? Tell us your thoughts in the comments below.
Images are courtesy of Shutterstock, Pixabay.