COVID-19 Impact on Cybersecurity

Christopher Gorog from the New Cyber Frontier podcast has a conversation with Chuck Brooks, one of the “Top 5 people to follow LinkedIn,” Adjunct Professor at Georgetown, and founder of Brooks Consulting International. They discuss the recent impact of the COVID-19 crisis on the cybersecurity community. Listen and join in on the conversation!

A call to action

The Cyber Resilience Institute (CRI), through the Sports-ISAO Program Office, will be focusing its efforts this summer on monitoring online threats to health-related critical infrastructure. Not only has the coronavirus pandemic disrupted ordinary life, but malicious entities are engaged in unconscionable attacks on the very system so critically needed right now.

CRI, as a nonprofit devoted to building community cyber capacity, and Sports-ISAO, an organization devoted to protecting the sports community from cyberattack, assembled its cadre of cyber researchers, bloggers, interns, and managers to reach a common belief that the collective resources could be best used in the common defense of the health industry.

Supporting the health industry became obvious when, as an intern observed, Sports-ISAO has been a leader in detecting and reporting on the nation-state tactic of coupling cyberattacks with disinformation. Called Hack and Hype, Sports-ISAO has been able to associate certain cyberattacks with nation-state actors, or their proxies, because the attacks have commonly connected to a foreign nation’s disinformation campaign (e.g., Russia’s interest in distancing itself from its repugnant doping scandals). In the COVID-19 environment, we are again seeing disruption in two forms: cyberattacks and disinformation. Accordingly, Sports-ISAO will be monitoring for Hack and Hype activities associated with COVID-19.

In addition to cyberattack research, CRI and Sports-ISAO will use their media resources to publicize bad actors and their bad actions. Attacking hospitals during apandemic is unconscionable! Moreover, attacks upon advanced COVID-19 research and the healthcare supply chain are equally reprehensible. Indeed, many of these attacks are designed to create disruption and to advance the interests of certain nations and their economies. As these connections are made, the team will expose the culprits and their malicious agendas.

In due course, Sports-ISAO will return to its original mission, seeking to protect the Purity of Sport. During the summer months, however, the focus will be on helping to protect healthcare infrastructure and COVID-19 research.

Unsung heroes in Russia’s sports doping scheme

Two interns of the c-Watch Program (a cyber threat intelligence training curriculum) recently read another intern’s article that was posted to the Sports-ISAO blog. That article declared “Russia is the globe’s reigning World Champion of Hack and Hype”.The term “Hack and Hype” refers to Russia’s tactic of coupling hacking with disinformation, all as part of a strategic plan to disrupt the global leadership that has been built upon Western values. In the following article, these two additional interns take note of the heroic efforts of three Russians whose whistleblowing caused international investigation of Russian athletic doping, and how the sunshine cast upon Russian dishonesty helped to expose Russia’s Hack and Hype cyber strategy.

There are three unsung Russian heroes who have unintentionally become the guidon bearers of a new order of cyberspace transparency and decency. The Stepanova family (Yulia and Vitaly), along with Grigory Rodchenkov, exposed the realities of athlete doping within the Russian sports world. But for their heroic acts of whistleblowing, the Sochi Doping Scandal would never have been investigated and unmasked, and Russia’s Hack and Hype game plan would not have been exposed.

Simply put, who else but Russia, in retaliation for the anti-doping investigation by the World Anti-Doping Agency (WADA) that led to Russia being barred from the Olympics, would hack and seek to undermine WADA’s legitimacy? We owe it to the Stepanovas and to Rodchenkov for revealing the extent of Russia’s dishonesty and cunning.

Yuliya Stepanova was a top runner within the Russian track and field national team, and her husband Vitaly was employed by the Russian Anti-Doping Agency (RUSADA). The pair fled Russia with their young son in 2014, right before the airing of a German documentary that exposed the widespread Russian state sponsored doping program. Those allegations led to the banning of Russian athletes in the track and field events during the 2016 Olympic Games in Rio de Janeiro. As of today, they are still trying to rebuild their lives, after having left behind most of theirpersonal belongings and the likelihood of ever seeing their families again. Their strong feelings and beliefs in regard to fair sportsmanship took precedence over thecomplications and havoc that their decision would impose upon their own lives.

The case of Grigory Rodchenkov is somewhat different. He was the director of the Russian Anti-Doping Agency (RUSADA). He fled Russia in 2016, and is currently in the witness protection program, after having been exposed as an integral part of the Russian scheme to dope their athletes. Rodchenkov claims that he was tapped by Russian authorities in 2012 to provide performance enhancing drugs to their athletes during the 2014 Winter Olympics in Sochi. Since his departure from Russia, Rodchenkov has willingly provided substantial information relating to the Russian doping scheme. His information is widely believed by many in the International Olympic Committee to be truthful and accurate, given that he no longer resides in Russia and can now speak openly regarding his activities within RUSADA. Rodchenkov has had to endure significant changes to his lifestyle, primarily due to concerns for his life. In the months following the unveiling of the doping scandal, two of RUSADA’s executives died unexpectedly, so Rodchenkov has been placed under US protection.

It is telling that all three Russians elected to start over in the US. Their pursuit of truth now coincides with the global effort to combat disinformation. For them, a part of that disinformation includes having to endure Russian efforts to impugn theircharacter, to change the narrative. Yuliya Stepanova knew full-well the reality of Russian doping, as she herself was doped. She met and married Vitaly and togetherthey opted for truth. Of course, Vitaly also knew the truth, since he worked within RUSADA. Grigory Rodchenov provided a missing link in the truth, because he brought to light the tactics and history of disinformation coming out of Russia. He led RUSADA and knew the inner workings of the Kremlin. All three lost their former livelihoods and family and friendship ties in Russia. They chose truth! And for this, they are unsung heroes.

Hack and Hype, as described in a recent Sports-ISAO blog article, owes its discoveryto these three Russian heroes. Before any Department of Justice indictment of Russian GRU hacking and unmasked affiliation with Fancy Bear (as the blog piece describes), there were these three whistleblowers exposing Russian corruption in sport.One might question the significance of sports to the Kremlin. For Russia, prominence in sports is a means of projecting its world view. Being outed as cheaters wrecks this image and taints their ideology.

Hack and Hype, according to the earlier Sports-ISAO blog post, signifies that a nation sponsors cyberspace activity which couples cyberattacks with disinformation.The article also highlights that Hack and Hype was first detected in sports. Becauseof the importance of sports to revealing Hack and Hype tactics, we felt it was equally important to laud the efforts of three Russian heroes whose honest actions led to the discovery of this Kremlin tactic. We applaud Yulia and Vitaly Stepanova, and Grigory Rodchenkov. They deserve our recognition and the recognition of their fellow country men and women, for standing up for purity and fairness in sports.

c-Watch2020 – Hack and Hype During the COVID-19 Crisis

Time: Thu, Jun 4, 2020 1:00 PM – 2:00 PM EDT

Click here to register for the seminar.

The 2020 global public health crisis has changed lives in many ways, including our online lives. Criminals and cyber hackivists have increased their activities in the areas of cyber crime, fraud, supply chain attacks, ransomware, misinformation/disinformation and other attack vectors. The 2020 c-Watch program will be focused on tracking the hack and hype of the COVID-19 crisis. Join us for this short overview of the 2020 c-Watch program, scheduled to begin June 22, 2020.

Cyber hygiene by the numbers

Host Abe Thompson sits down with Umesh Verma, CEO of Blue Lance as well as the founder of Cyber Houston and the Houston Cyber Summit. They discuss the data behind cyber hygiene, 20 internal controls that are basic block and tackling, and the startling results of the free cyber scans which he offers.