Monday, September 26, 2016

Fancy Bear Strikes Again

During September 2017, the increasingly infamous Russian hacking entity known as “Fancy Bear” leaked more personal and confidential data from the World Anti-Doping Agency (WADA) database. This data included more athletes’ medical information – this time from more countries than just the United States. It is widely believed that these cyber-attacks on WADA are in response to the independent investigations that exposed state-sponsored doping in Russia, a claim that Russian officials denied.   Despite Russia’s renunciation, a strong connection appears to be emerging with Russian state-sponsored hacking operations.  This information is being provided for your situational awareness.

Publication date:                  23 September 2016

Handling requirements:        Traffic light protocol (TLP) GREEN

Attribution/Threat Actors:    Fancy Bear, Fancy Bears & Fancy Bears’ Hack Team     

Actor Type:                           Adversary capabilities have been assessed as Tier V*

Potential Targets:                 USA / International

Past Reporting:                     Red Sky Alliance: DOC-2590, DOC-4007, Message-8625/8625

*State actors who create vulnerabilities through an active program to “influence” commercial products and services during design, development or manufacturing, or with the ability to impact products while in the supply chain to enable exploitation of networks and systems of interest.

The full attribution report has been published in its entirety in the Red Sky Alliance portal.  For more information please contact the lab directly at 844-4-WAPACK, 603-606-1246, or

About Wapack Labs

Wapack Labs, located in New Boston, NH is a Cyber Threat Analysis and Intelligence organization supporting the Red Sky Alliance, the FS-ISAC and individual organizations by offering expert level targeted intelligence analysis answering some of the hardest questions in Cyber.  Wapack Labs’ engineers, researchers and analysts use deep analysis techniques and visualization to design and deliver transformational cyber-security analysis tools that fuse open source and proprietary information.  The intelligence derived from these tools and techniques serve as the foundation of Wapack Labs’ information reporting to the cyber-security teams of its customers and industry partners located around the world.