Russian Hackers Target World Anti-Doping Agency in Latest Breach

What Happened:

A Russian cyber espionage group known by the name of Tsar Team, also calling itself Fancy Bear, were successful in illegally hacking the World Anti-Doping Agency (WADA). The Anti-Doping Administration and Management System (ADAMS) database was accessed using a compromised account provided to the International Olympic Committee for the Rio 2016 Games.

A release by WADA indicates, “While it is an evolving situation, at present, we believe that access to ADAMS was obtained through spear phishing of email accounts.” Olivier Niggli, Director General, WADA states, “WADA has been informed by law enforcement authorities that these attacks are originating out of Russia.”

In August another attack occurred, “whereby, Yuliya Stepanova’s password for ADAMS was illegally obtained, which allowed a perpetrator to access her account on ADAMS. Ms. Stepanova was the key whistleblower for WADA’s Independent Pound Commission that exposed widespread doping in Russian athletics.”

Who Was Affected:

Unfortunately, well known athletes’ information was included with the release. Among them were Serena Williams, Venus Williams, Simone Biles, and Elena Delle Donne. The documents revealed personal health information including the fact that all were all taking drugs that are on the banned substance list. However, each one of them has a therapeutic use exemption meaning they followed the appropriate rules with respect to athletic competition.

The attackers indicated that they had more documents that were not yet released.

Other facts:

mfa-infographic-are-you-prepared-cropped

How You Can Reduce Your Risk:

While the release indicates that “WADA is taking the necessary measures to ensure that stakeholders securely manage ADAMS passwords and its usage,” unfortunately, we know all too well, with the WADA breach as another example, that passwords alone are not sufficient to protect sensitive data from determined hackers.

As Tom Kemp states, in his blog Multi Factor Authentication Everywhere, “The reality is that users have too many passwords that can be easily stolen via phishing attacks and/or stolen via massive hacks of popular websites’ password files.” He goes on to argue, “Just having a single factor — e.g. a passcode — for logging into a computer account is not as secure, as it is possible that a password can be stolen or guessed. But if you were to have some other “factors” — such as something you have (e.g. an ATM card or a smartcard) and/or something that uniquely identifies you (e.g. a biometric characteristic such as a fingerprint or retina scan) — by combining these factors alongside your password it makes it harder for someone to break into your account.”

This is where Centrify comes in. Centrify offers “a single turnkey platform that provides flexible options for authentication factors, for seamless, adaptive multi-factor authentication (MFA) across enterprise identities and enterprise assets — without frustrating users. The Centrify Identity Platform supports a broad range of enterprise resources, including thousands of Software-as-a-Service (SaaS) applications, dozens of on-premises applications, hundreds of server operating systems as well as leading VPNs and network devices. Additionally, it supports MFA for privileged command execution and Secure Shell (SSH) access to servers deployed both on-premises and in an Infrastructure-as-a-Service (IaaS) environment.”

To learn more about Centrify MFA Everywhere please read about our solution for “Multi-factor Authentication Across Your Enterprise” or check out the webinar “Multi-factor Authentication Everywhere: A Platform Approach to Defending Against Breaches.