The World Anti-Doping Agency (Wada) has condemned Russian hackers for leaking confidential medical files of US Olympic athletes.
Athletes affected include tennis players Venus and Serena Williams and teenage gymnast Simone Biles.
A group calling itself "Fancy Bears" claimed responsibility for the hack of a Wada database.
After the leak, Ms Biles said she had long been taking medicine for Attention Deficit Hyperactivity Disorder.
The hacker group had accused her of taking an "illicit psycho-stimulant", but she said she had "always followed the rules". The Rio Olympics quadruple gold medallist had obtained the necessary permission to take prescription medicine on the Wada banned drugs list, USA Gymnastics said in a statement.
Wada said in a statement that the cyber attacks were an attempt to undermine the global anti-doping system. Russian government spokesman Dmitry Peskov said it was "out of the question" that the Kremlin or secret services were involved in the hacking, Russian news agencies reported. The hackers accessed records detailing "Therapeutic Use Exemptions" (TUEs), which allow the use of banned substances due to athletes' verified medical needs. "By virtue of the TUE, Biles has not broken any drug-testing regulations, including at the Olympic Games in Rio," USA Gymnastics said. Fancy Bears said TUEs amount to "licences for doping". 'Compromising trust' Russia's track and field team were banned from the Rio Olympics over an alleged state-backed doping programme. All of its athletes are barred from the ongoing Paralympics. "Let it be known that these criminal acts are greatly compromising the effort by the global anti-doping community to re-establish trust in Russia," Wada director-general Olivier Niggli said.
US Anti-Doping Agency chief Travis Tygart called the hack "cowardly and despicable". "In each of the situations, the athlete has done everything right in adhering to the global rules for obtaining permission to use a needed medication," he said. The US Olympic Committee has had "zero adverse findings from the Rio Olympic Games that weren't 100% within the medical guidelines set forth by anti-doping authorities," spokesman Patrick Sandusky said.
Earlier this month, Mr Niggli said Wada was experiencing almost daily cyber attacks originating from Russia. Fancy Bears, which is also known as Tsar Team (APT28), has pledged to release confidential records from other national Olympic teams. Analysis: Dave Lee, BBC North America technology reporter It's an old adage in cybersecurity that the weakest point of any supposedly secure system is the people that use it.
Wada says it believes this hack was made possible thanks to a successful spearphishing attack. Phishing is a term given to the technique of tricking a user into giving up crucial information - often by clicking a link that takes them to a malicious website disguised as a familiar one, such as the log-in page for a bank or social network. Spearphishing takes this one significant step further.
While a phishing attack is often aimed at many people in the hope some will fall for it, spearphishing is highly targeted. Hackers perhaps identified a small number of people, or even just one person, and wrote a phishing attack specifically designed to trick them. Other than pushing a message of vigilance among staff, spearphishing is incredibly difficult to defend against.
Attackers often scour the internet, looking for added information on the target that might make an email more believable. Sometimes even knowing a person's favourite football team is enough to tip the balance in making a spearphishing email seem genuine.
The hacker group had accused her of taking an "illicit psycho-stimulant", but she said she had "always followed the rules". The Rio Olympics quadruple gold medallist had obtained the necessary permission to take prescription medicine on the Wada banned drugs list, USA Gymnastics said in a statement.
Doping Allegations |
Wada said in a statement that the cyber attacks were an attempt to undermine the global anti-doping system. Russian government spokesman Dmitry Peskov said it was "out of the question" that the Kremlin or secret services were involved in the hacking, Russian news agencies reported. The hackers accessed records detailing "Therapeutic Use Exemptions" (TUEs), which allow the use of banned substances due to athletes' verified medical needs. "By virtue of the TUE, Biles has not broken any drug-testing regulations, including at the Olympic Games in Rio," USA Gymnastics said. Fancy Bears said TUEs amount to "licences for doping". 'Compromising trust' Russia's track and field team were banned from the Rio Olympics over an alleged state-backed doping programme. All of its athletes are barred from the ongoing Paralympics. "Let it be known that these criminal acts are greatly compromising the effort by the global anti-doping community to re-establish trust in Russia," Wada director-general Olivier Niggli said.
Doping Allegations |
US Anti-Doping Agency chief Travis Tygart called the hack "cowardly and despicable". "In each of the situations, the athlete has done everything right in adhering to the global rules for obtaining permission to use a needed medication," he said. The US Olympic Committee has had "zero adverse findings from the Rio Olympic Games that weren't 100% within the medical guidelines set forth by anti-doping authorities," spokesman Patrick Sandusky said.
Earlier this month, Mr Niggli said Wada was experiencing almost daily cyber attacks originating from Russia. Fancy Bears, which is also known as Tsar Team (APT28), has pledged to release confidential records from other national Olympic teams. Analysis: Dave Lee, BBC North America technology reporter It's an old adage in cybersecurity that the weakest point of any supposedly secure system is the people that use it.
Wada says it believes this hack was made possible thanks to a successful spearphishing attack. Phishing is a term given to the technique of tricking a user into giving up crucial information - often by clicking a link that takes them to a malicious website disguised as a familiar one, such as the log-in page for a bank or social network. Spearphishing takes this one significant step further.
While a phishing attack is often aimed at many people in the hope some will fall for it, spearphishing is highly targeted. Hackers perhaps identified a small number of people, or even just one person, and wrote a phishing attack specifically designed to trick them. Other than pushing a message of vigilance among staff, spearphishing is incredibly difficult to defend against.
Attackers often scour the internet, looking for added information on the target that might make an email more believable. Sometimes even knowing a person's favourite football team is enough to tip the balance in making a spearphishing email seem genuine.
No comments :
Post a Comment