Who or What Is Fancy Bear, the Hackers Behind the Olympic Doping Leak

  1. Home
  2. Tech
By Nahema Marchal | 9:45 am, September 14, 2016
Read More

The competitive sports world was rocked this week when a Russian hacking group going by the name of ‘Fancy Bear’ or ‘Tsar Team’ hacked the official website of the World Anti-Doping Agency and leaked a trove of medical records revealing that some of the world’s most revered athletes (Serena Williams, Venus Williams, Simone Biles) had been given a pass to use banned substances because of specific medical needs (such as ADHD treatment). The group claimed called them “licenses for doping.”

The cybersecurity firm Crowdstrike identified the hacking group as the mastermind behind this summer’s DNC email leak that saw the release of thousands of documents politically damaging to Hillary Clinton and the Democratic Party. Fancy Bear has also been linked to hacks of France’s TV5 Monde in April 2015 and the German Bundestag.

Many people imagine hackers as a group of Machiavellian Pinky and the Brain-style nerds sitting behind computers all day long and plotting their next cyber coup. But that description doesn’t quite fit these Slavic vigilantes.

According to Crowdstrike, Fancy Bear (also known as APT 28) is a sophisticated collective which has been in operation since 2008 that has targeted a number of organizations in the defense, energy, government and media sectors. They represent “some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups” the firm has come across, with victims hailing from Western Europe to Brazil, Canada, Iran, Georgia and South Korea.

Fancy Bear is known for having extensively targeted defense ministries and other military systems in ways that often align with the strategic interests of the Russian government itself, leading to allegations that the group is directly affiliated with the GRU — Russia’s main intelligence service.

Their modus operandi is crafty: They create bogus websites with domains closely resembling that of the organizations they plan to attack, and then entice users to reveal sensitive data using phishing messages (fraudulent messages  purporting to be from a trusted source.)

The Russian government has firmly denied having anything to do with the WADA hack.

But alleged links between the Kremlin and the hacking group will undoubtedly fan rumors that the security breach is nothing more than an act of revenge against WADA for publicly humiliating Russia by banning the entire Russian track and field team from the Rio Olympics because of an alleged state-backed doping scheme.

Fancy Bears has pledged to release more confidential records from other national Olympic athletes.