Fancy Bear & WADA Modifications

The World Anti-doping Agency (WADA) released details of the data breach that occurred last month to its Anti-Doping Agency Management System (ADAMS) that had been built specifically for the Rio 2016 Olympic Games.  None of the other WADA systems appear to have been affected by the hack.  Most troubling, however, is that WADA found “inconsistencies” between some of the illicitly published data and its own data in the ADAMS system.  This suggests that some of the data were modified by the attackers.

The attackers gained access to WADA’s ADAMS multiple times between August 25th and September 12th using stolen credentials.  Data that appears to have been modified were Therapeutic Use Exemptions (TUEs) for Bradley Wiggins, Chris Froome, and Fabian Cancellara, as well as other pro cyclists and Olympic athletes.

According to reports from an India-based news affiliate, the hack appears to have been done by the Russian state-sponsored threat actor group: Fancy Bear.  Also known as APT28 for Advanced Persistent Threat #28, this group has been affiliated with a series of high-profile attacks such as the recent data breach at the U.S.’s Democratic National Headquarters, as reported by the Christian Science Monitor. The Indian news agency, FirstPost speculated that modification to the WADA data could have been in retaliation for the elimination of several Russian Olympians due to the doping scandal during the Rio games.  FirstPost’s article appears to have been taken down at this time.

You must be logged in to post a comment Login