Microsoft recently warned about a new wave of targeted cyberattacks by a group of state-sponsored Russian hackers. According to Microsoft’s Threat Intelligence Center report, attackers targeted nearly sixteen International Sporting and Anti-Doping organizations ahead of the 2020 Summer Olympics in Tokyo.
Microsoft stated the attacks are linked to a Russian hacking group “Strontium,” also known as Fancy Bear or APT28, which is believed to be linked to Russian military intelligence agency GRU and has been active since 2007.
The tech giant revealed that the methods used in recent attacks are similar to those previously used by Strontium to target government organizations, think tanks, militaries, law firms, human rights organizations, and financial firms across the world. It’s said that the Strontium group launched a variety of attacks, including spear-phishing, exploiting internet-connected devices, and password spraying.
According to Microsoft, the attacks have occurred in September 2019, after the World Anti-Doping Agency (WADA) announced a ban of all Russian athletes from all upcoming world championships and Olympics sporting events.
“At least 16 national and international sporting and anti-doping organizations across three continents were targeted in these attacks which began September 16th, just before news reports about new potential action being taken by the World Anti-Doping Agency. Some of these attacks were successful, but the majority were not. Microsoft has notified all customers targeted in these attacks and has worked with those who have sought our help to secure compromised accounts or systems,” Microsoft said in a statement.
In order to avoid any kind of cyber threats during the 2020 Olympic and Paralympic Games, the Japanese government introduced a new cybersecurity strategy in 2018. As a part of the strategy, the government plans to create a new body to ensure effective coordination among government agencies, the Olympic organizing committee, municipalities, and business operators to respond to cyber threats.
The government also decided to introduce a five-level scale to classify the severity of cyber-attacks. The severity index categorizes the cyber-attacks into five levels: the lowest level 0 indicates “No Impact” while the highest level 4 indicates “Extremely Grave Impact.” The index would be helpful for people, government, and business entities in understanding the magnitude of threats and taking necessary actions.