
WADA Confirms Attack by Russian Cyber Espionage Group - mzs
https://www.wada-ama.org/en/media/news/2016-09/wada-confirms-attack-by-russian-cyber-espionage-group
======
supergirl
> Let it be known that these criminal acts are greatly compromising the effort
> by the global anti-doping community to re-establish trust in Russia

Seems like they imply the Russian state is behind this but they don't
explicitly say it, probably because they have no proof, as always. What trust
do I have in WADA when they clearly have a bias against Russia?

~~~
tptacek
The conclusion is not WADA's, so your distrust of WADA has very little to do
with the story.

~~~
supergirl
What do you mean? That statement was made by Olivier Niggli, Director General,
WADA

~~~
conistonwater
They are not the organization that conducted the investigation.

~~~
supergirl
You didn't get me. In this post they say the attack originated in Russia. I
hope you don't think that automatically means the government did it. In any
case, WADA does not explicitly accuse the government. But still they give that
condescending statement, as if Russia now has to become a country without
criminals to win trust back. I think it is telling of their bias.

~~~
celticninja
You would do well to read the article, specifically:

“WADA has been informed by law enforcement authorities that these attacks are
originating out of Russia,”

A quick google search of Fancy Bears (the name the hackers have used on their
release page) links them to APT28:

"APT28, as it's known by FireEye/Mandiant, is also called Tsar Team by iSIGHT
Partners, Sednit by Eset, Fancy Bear by CrowdStrike, and Operation Pawn Storm
by Trend Micro. This attack group goes after NATO, Eastern European government
and military agencies, defense, and Russian adversaries, the report notes."

WADA didn't investigate, the investigation is done by competent security
analysts, and whilst I am aware that anything in this sphere is possibly
misinformation/propaganda from both sides, it would seem evident that after
Russia were sanctioned for doping, then hackers release data on suspected US
doping that there is an easy link to make. And there is very little to be
gained by another adversary trying to make trouble between the US and Russia
with such an attack.

~~~
supergirl
You would do well to try to understand my comment better. Is there proof this
hacker group is the Russian government? I don't hear any and even WADA did not
claim this. Therefore it is a criminal group from Russia. Why should Russia as
a state be punished for its criminals? Is that how it works now?

------
kushti
How can WADA distinguish a Russian group from any other? How does an
anti-doping agency become proficient in cyber security?

~~~
bsder
Likely the Royal Canadian Mounted Police (Canada's Federal Police Force) given
that WADA is based in Montreal.

The quote from the article:

"WADA has been informed by law enforcement authorities that these attacks are
originating out of Russia,” he continued."

~~~
celticninja
And even without that it was pretty obvious who the attackers were given the
released data:

1) Focus on US athletes

2) Bear mentioned in name of hackers

3) Focus on sports doping (which Russia was recently found guilty of)

Now I know that many hacks and hackers will obfuscate the trail to them as
much as possible but this is a fairly basic attack with little in the way of
real impact as a result of the releases. It was obvious even to a non-security
professional that the most likely culprits were Russian nationalist hackers.

------
helloworld
Sadly, I conclude that devices connected to the Internet are irremediably
insecure. Air-gap it or lose it, I guess.

~~~
Taek
That is ultimately too pessimistic. Security is a gradient, and there's a lot
you can do to make yourself both a smaller target, and a harder target.

Compartmentalization is one of the strongest defense tools we have. For
example, with the iCloud leaks an attacker was able to gain access to all the
data in a single strike. If it's true that Apple can no longer decrypt users'
iCloud data, an attacker now needs to hack people one-by-one. Hacking takes
time and effort, and a one-by-one payoff may make it that hacking iCloud is no
longer worth the effort. Users are safer, even though they are still
theoretically vulnerable.

A lot of people are stepping up to the plate to offer stronger security on
digital systems. (Qubes, for example. Let's Encrypt, for example). If we choose
to take security seriously, hacking will become harder, the rewards will
plummet, and the world will be safer.

~~~
threeseed
Unless I am mistaken iCloud wasn't compromised.

There was an issue with allowing brute force attacks which was fixed. But all
the publicised hacks were to do with individual accounts being compromised.

~~~
k-mcgrady
99% sure you're right. It was a mix of brute force and phishing iirc.

~~~
threeseed
And social engineering.

I think in one case the "secret questions" used to reset accounts were actually
asked during a media junket by a fake reporter.

------
tdb7893
Recently I've become worried that almost all "leaks" are done by nations.

~~~
cloudjacker
nothing in that article suggested that Fancy Bear was acting as the nation of
Russia.

the game is to sell the data to any nation that bids the highest

~~~
criley2
The Sofacy Group (also known as APT28, Pawn Storm, Fancy Bear and Sednit) was
linked to the FSB (Russian Intelligence) during the German Parliament attack

[http://www.lse.co.uk/AllNews.asp?code=kwdwehme&headline=Russ...](http://www.lse.co.uk/AllNews.asp?code=kwdwehme&headline=Russian_Hackers_Suspected_In_Cyberattack_On_German_Parliament)

~~~
cloudjacker
okay, but the article didn't say that

------
smaili
_While it is an evolving situation, at present, we believe that access to
ADAMS was obtained through spear phishing of email accounts; whereby, ADAMS
passwords were obtained enabling access to ADAMS account information confined
to the Rio 2016 Games._

It's amazing that people are still being phished successfully.

~~~
bsder
Why? It's the standard security imbalance. The attacker only has to be
successful once while the defenders have to _never_ make a mistake.

------
conistonwater
> _“This is just the tip of the iceberg,” a statement posted to the Fancy
> Bears site said. “Today’s sport is truly contaminated while the world is
> unaware of the large number of American doping athletes.”_

What's up with hackers and their English grammar? Shouldn't it be _doping
American athletes_? This reminds me of the adjective-word-order rule and
Tolkien's "green great dragons" story. [1]

[1]
[http://languagelog.ldc.upenn.edu/nll/?p=27890](http://languagelog.ldc.upenn.edu/nll/?p=27890)

~~~
gaius
I'll wager their English is better than your Russian.

------
k-mcgrady
Has there been an increase in the number of large hacks originating from
Russia in the last 12-24 months or is reporting just increasing?

------
NN88
This is insanity...and what's worse, is Russian state-media are trying to say
they were doping...there's NO doping on those charts.

~~~
ThinkBeat
As far as leaks go I find it interesting.

We see that athletes are allowed to take some very strong and beneficial drugs
and it's not doping.

I had always pictured that "clean" athletes were not eating OxyContin or
required vast amounts of asthma medication to make it through the day. (This
last part is from a different disclosure).

I think an adjustment to the current regimen would be that each athlete
disclose exactly what type of drugs they are consuming.

What is doping and what is not is not arbitrary but it certainly changes over
time.

~~~
__jal
Just like nearly any moral line, morals here are contingent. I think it is
hardly necessary to point out the arbitrariness of which recreational drugs
are illegal, with one of the most dangerous being legal and considered moral
in moderation.

As far as sports drugs, I honestly don't care about it, not being someone who
watches or participates in any of them. But I strongly suspect that we'll see
the "ok"/"not ok" lines being drawn towards maximizing viewers, perhaps with a
sop towards athlete-health down the list somewhere.

I also predict that conversations about doping will sometime soon indirectly
put enough pressure on the US NFL to cause it serious problems about player
brain injury. It is hard to worry about player health regarding drugs and
ignore the people broken by other aspects of the games.

------
kushti
Another question is why is doping test data paid for by taxpayers of the world
not public? Why do we need hackers (thanks a lot guys, regardless of your
nation, race, gender etc) to know the truth?

~~~
jacalata
Lots of things are paid for with tax dollars that shouldn't be automatically
public. Health care, school results - just because someone is an athlete
doesn't mean they lose all right to privacy.

------
ezhik_
Why the hell do the US government, US media and pro-US organizations (e.g. WADA)
say that the Russian government was behind all hacking attacks in the last 6
months (maybe a year or even more)? It sounds like a broken joke from the 60s...

Yes, I'm Russian. Yes, I live in Russia. And Yes, I like my country.

~~~
DanBC
Here's a description of Russian state sponsored trolling. It's worth a read,
even though it's long.

[http://www.stratcomcoe.org/internet-trolling-hybrid-warfare-...](http://www.stratcomcoe.org/internet-trolling-hybrid-warfare-tool-case-latvia-0)

Especially page 60 onwards is useful.

~~~
ezhik_
I can give you my contacts or meet you anywhere in the world, so you can be
sure that I'm not a troll who was paid by the Russian government. Just pay me
for tickets. I'm just a simple family man, who works as a programmer and in
less than one year I will post my startup here, at Hacker News :)

