Microsoft Reports Global Cyberattacks on Sporting and Anti-Doping Organizations from Russian Espionage ActorsMicrosoft Reports Global Cyberattacks on Sporting and Anti-Doping Organizations from Russian Espionage Actors
Original release date: October 29, 2019
Microsoft publicly released information revealing an uptick in cyberattacks globally targeting anti-doping authorities and sporting organizations. The Microsoft Threat Intelligence Center (MSTIC) routinely tracks malicious activity originating from the Russian advanced persistent threat (APT) group 28, also known as Fancy Bear, STRONTIUM, Swallowtail, Sofacy, Sednit, and Zebrocy. According to Microsoft, APT28 is targeting sporting and anti-doping organizations using spearphishing, password spraying (a brute force technique), fake Microsoft internet domains, as well as open-source and custom malware to exploit internet-connected devices.
To protect against similar attacks, Microsoft recommends:
• Enabling two-factor authentication on all business and personal email accounts,
• Learning how to spot phishing schemes and protect yourself from them, and
• Enabling security alerts about links and files from suspicious websites.