Sporting bans, Russian hackers and the Tokyo Olympics

The World Anti-Doping Agency (WADA) this week announced the imposition of a four-year sporting ban on Russia, which cannot now compete in any major global events, including the 2020 Tokyo Olympics and the 2022 World Cup in Qatar.

Russia had been previously been subject to a three-year suspension over doping allegations. This was lifted in 2018, but as part of that reinstatement, Rusada, the country’s anti-doping agency, had been ordered to pass laboratory data to investigators in January 2019. WADA declared that anomalies in the data showed it had been manipulated: a new ban was therefore announced.

In practice, this only amounts to a prohibition on athletes competing in the name of Russia: those who can prove they have no links to the well-publicised doping scandal will still be able to take part in the competitions under a neutral flag, as they did in the 2018 Winter Olympics in South Korea. Similarly, the country’s national football team will be able to compete in the World Cup in Qatar, albeit without the Russian national anthem ringing out around the stadiums.

Travis Tygart, the chief executive of the US Anti-Doping Agency, called the latest ban “a charade” and said it was “Groundhog Day for Russian corruption” in sport. He added: “It is farcical that Russian athletes will still be able to take part in the 2020 Olympics and that Russian footballers will still be able to play at the 2022 World Cup. Everyone in sport will be able to see through this charade: it will be the same as the Winter Olympics in Pyeongchang when hundreds of Russian athletes were able to take part.”

It would seem likely that Russia had been expecting the latest suspension. In October this year, Microsoft reported a new campaign of cyber attacks being carried out by Russian state-sponsored hacker group FancyBear, which is also known by a wide variety of other names, including APT28, Sofacy, Strontium and GrizzlySteppe.

This highly sophisticated group has the time and resources to pursue targets of interest and adapt malware in order to avoid detection. Its primary purpose comprises both cyber espionage and an effort to manipulate global events to further Russia’s sphere of influence and to compete with the rest of the world.

Microsoft claimed at least 16 sporting and anti-doping organisations had been targeted in a new campaign that started in September, and that it had tracked the attacks back to FancyBear.

It is unclear whether any of the targeted organisations were compromised. WADA and the US Anti-Doping Agency, for example, both denied that their systems had been successfully breached.

In fact, this was a resumption of a campaign that originally began in 2016 after the initial ban on Russian athletes had been announced. In response to that, FancyBearsHT embarked on a crusade targeting various sporting organisations in an effort to discredit them for exposing the Russian state-run doping programme.

Attacks were carried out as part of the cyber campaign #OpOlympics. Initially focusing on WADA and the US Anti-Doping Agency, FancyBearsHT published documents containing information on drugs used by high-profile western athletes, alleging cover-ups by the authorities concerned.

The group returned in 2017 with a leak from the International Association of Athletics Federations (IAAF), again citing their actions as part of #OpOlympics.

Continuing their attacks in 2018, the hackers leaked emails and documents from the Canadian Olympic Committee (COC); the group claimed the data included proof that the COC’s pursuit of the doping allegations against Russian athletes was motivated by an aim to improve Canada’s own chances at the Winter Olympics. The Swedish Sports Confederation and the International Luge Federation were among the other organisations targeted.

The attacks on WADA and other sporting organisations initially led to some debate among researchers as to whether FancyBearsHT – which claimed to have carried out the attacks – was actually the same group as FancyBear. It was noted that ‘HT’ was also a widely known acronym on the internet for ‘Hat Tip’. This led to speculation that the hackers were masquerading as FancyBear.

Whatever the truth of the matter, it seems highly likely that Russian state-sponsored groups were and are responsible for the cyber attacks: the hackers have focused on refuting accusations that the Russians are cheats, while also attempting to demonstrate that western athletes have benefited unfairly from the use of ‘therapeutic’ drugs.

Rusada has 21 days to appeal against WADA’s decision, but any case heard at the Court of Arbitration for Sport will doubtless be challenged in turn by sporting organisations and athletics committees determined to uphold the penalty.

One thing is certain: we can expect further state-sponsored hacking campaigns in the run-up to the Tokyo Olympics that start in Japan in July 2020. While sporting organisations and anti-doping authorities will be targeted, it would be a mistake to assume that other businesses will escape unscathed. Major western companies and sponsors of the Olympics are likely to come under attack, whether in the form of sophisticated campaigns involving Russian state-sponsored hacking groups such as FancyBear, or by independent hacktivists participating in various campaigns for their own reasons, such as the nationalist sentiment promoted by President Putin. On a different note, it might also be remembered that Japan is frequently targeted by animal rights hacktivists.

All companies involved in the sponsorship or organisation of the Tokyo Olympics should therefore be aware that they might be targeted, and take steps to ensure IT systems are fully up-to-date, with software patches applied as soon as they are released.

Scroll to Top