WASHINGTON: The very day in July 2016 that the World Anti-Doping Agency published a devastating report showing how Russia systematically covered up doping by the country's athletes, Moscow's cyber army allegedly went on the attack.
According to a US indictment unveiled on Thursday (Oct 5), hackers from the GRU military intelligence agency began probing for vulnerabilities at the Montreal-based WADA, whose report recommended that the Russian team be banned from the Rio Summer Olympics.
The result was a cyber debacle that paralleled the Russian hack of the US 2016 elections, with the leak of information on drug tests and drug use by hundreds of the world's top athletes, including tennis's Serena and Venus Williams, gymnast Simone Biles, and cyclist Chris Froome.
The US Justice Department indictment of seven GRU hackers details just how far Moscow allegedly went in 2016 to avenge the global sporting world's sanctions.
SPOOF EMAILS, HACKED WIFI
On Jul 26, the International Olympic Committee (IOC) executive board told individual sports federations to take their own action over the doping. The result was that 111 Russian athletes were blocked from joining the Rio games.
One day later, the GRU hackers hit WADA's website with a crippling "distributed denial of service" attack, kicking off what would become a year-long assault on global sporting bodies, according to the indictment.
They deployed phishing and spoofing attacks, injected malware into target computers, and tapped public WiFi systems to steal the login credentials and email access of officials not just of the IOC and WADA, but also FIFA, the international football federation, the International Association of Athletics Federations (IAAF), the US Anti-Doping Agency (USADA), the Canadian Centre for Ethics in Sport (CCES), and the Court of Arbitration for Sport (CAS).
Within two weeks of the IOC action, GRU intelligence officers had tricked WADA employees into giving up their logins and passwords to internal communications and WADA's computer system.
Their main ruse was a spearphishing email they sent to employees in the name of the WADA chief technology officer, asking them to click on a link.
In Rio for the Olympics, two GRU operatives hacked into the WiFi systems of hotels where key officials of the IOC, WADA, CAS, and USADA stayed, the indictment said.
That got them an IOC official's login credentials for WADA's secure database of medical and doping test information on the world's elite athletes.
During the Rio Paralympics weeks later, the same approach garnered them a USADA official's login to its massive database, according to the indictment.
By January 2017 the GRU hackers had access to the systems of CCES, FIFA and IAAF.
FANCY BEAR LEAKS
But they didn't wait that long to display their work.
In mid-September 2016, the newly registered domains fancybear.org and fancybear.net published private doping-related files on the world's most famous tennis-playing sisters, Serena and Venus Williams, US gymnastics star Simone Biles, and basketball player Elena Delle Donne.
Venus Williams was forced to defend her use of a WADA-banned medication, for which she had an official exemption.
Biles had to admit that she had taken medication for attention deficit/hyperactivity disorder (ADHD) since childhood.
"Please know I believe in clean sport," she pleaded to the public.
A week later it was British athletes: cyclists Chris Froome and Bradley Wiggins, golfer Charley Hull, and rower Sam Townsend were all forced to explain their drug exemptions.
All told, over one year Fancy Bear spilled the confidential records of nearly 250 athletes from almost 30 countries. The hackers allegedly doctored some of the documents to suggest the athletes had afflictions they did not, like drug addiction or circulatory problems.
And, in a tactic shared with the meddling in the US election, they publicized the leaks through social media and "exclusive" offers to friendly journalists, prosecutors allege.