The World Anti-Doping Agency (WADA) and Court of Arbitration for Sport (CAS) were new targets of a recent breach.
Hackers attempted to compromise the system which held the database that tracks athletes for drug testing but were unsuccessful in obtaining access credentials from either organization.
WADA Hack Attempt
WADA spokesperson said it learned of the hacking event during the Olympics week, though it cannot be pinpointed exactly when the hackers deployed the attacks.
Maggie Durand, communications coordinator, stated that the nonprofit agency was notified through a YouTube video by hackers which claimed that WADA’s website had been breached. It was shown in the video how the WADA server was hacked.
Analysis of the attacks uncovers that the hackers executed an SQL injection flaw along with SQL Injection Automation SQLMap. Thousands of unique email accounts, hashed passwords, as well as personal details of the site’s authors and its contributors formed part of the leak.
WADA acknowledged the hack, but Durand clarified that WADA’s ADAMS doping results database is intact. She tells how they quickly determined that their website was not compromised by hackers through an immediate investigation, and they are continuing to monitor activity.
What strategy did hackers use this time? Phishing emails were sent to WADA database users, with hackers disguised as the official WADA communications asking the recipients for their login credentials.
WADA has not revealed the number on how many users were targeted and whether athletes were likewise targeted by the emails or their plan of action in case the credentials really had been leaked.
What’s certain is that all database users have been notified by WADA about this incident, and has posted a warning on its website in regards to the phishing attempt by hackers.
Athletes primarily utilize the database to enter their obligatory “whereabouts” information. This was gathered for the purpose of making themselves available outside competitions for drug testing. Say hackers got a hold of the athlete’s credentials.
They would be empowered to change that information which would then send testers heading out to the wrong location. In turn, the unknowing athlete can be wrongly blamed for missed drug test.
CAS Hack Attempt
CAS is a Lausanne-based independent institution involved in resolving sports-related legal disputes through arbitration and mediation.
The organization’s jurisdiction is recognized across all Olympic and non-Olympic sports federations, with over 400 cases registered each year.
Matthieu Reeb, CAS secretary general, tells of an attempt done by hackers on the CAS website. This incident is not the first time they’ve fallen under hackers’ crosshairs, and they are pretty much aware that it won’t be the last.
Though it’s confirmed that the hackers were apparently unsuccessful in the attempted breach, investigations are ongoing to make certain that CAS has not suffered any form of damage.
Reeb adds that information found on the CAS website is not confidential, rather intended for the public.
Similar to WADA, CAS got the alert through a YouTube video by a user apparently representing Polish hackers.
The CAS website displayed a quoted message followed by “Please forgive us.” It appeared that the CAS website was doctored to display it.
On a Thursday night, The CAS website was inaccessible as it had been taken down by a DDoS (distributed denial-of-service) attack and was back up and running the next day.
Both WADA and CAS organizations have been making the headlines lately regarding their handling of doping cases, particularly the banning of Russian athletes from the 2016 games following the doping scandals in the country.
The Russian government previously criticized WADA after Russian state manipulation of doping control process has been confirmed in an independent investigation. Targeting the anti-doping agency during the peak of Rio Olympics says a lot on the massive doping controversy, but none of the Russian hackers claimed responsibility.
The hacker behind the WADA and CAS attempted breaches did not state any reason or motive, but it’s apparent they’ve been targeting random platforms. This speculation is based on their Twitter account which claims affiliation with the hacktivist group Anonymous Poland.
The organizations do not blame and attribute hackers to any particular individual, group, or country for the attacks.