Olympic Doping Data Breach Leads to IT Spending Review at WADAby
Agency’s budget may be too small, cybersecurity expert says
WADA says sponsors and broadcasters should pay for clean sport
The hack and continuing leaks of confidential medical files of athletes including Serena Williams, Simone Biles and Tour de France champion Chris Froome have forced the World Anti-Doping Agency to conduct a review of its spending on information technology.
The scandal has focused attention on WADA’s ability to combat hackers, given its budget is less than $30 million.
“Big corporations spend millions of dollars a year on cybersecurity,” said Aviv Grafi, chief technology officer at Israeli security company Votiro, which has contracts with banks, insurance companies and governments. “I agree it would be a challenge for an organization with $30 million.”
In an interview Thursday, WADA President Craig Reedie said he asked the agency’s finance department to provide details of its IT spending over the last five years, and particularly a breakdown for the amount spent on its main Administration and Management System database. That’s where details are kept of athletes’ whereabouts, laboratory results, biological passports, therapeutic use exemptions and failed doping tests.
The release of the data, which Montreal-based WADA says was published by Russian hacker group Fancy Bear, includes details of medication taken by athletes under exemptions for therapeutic use. The U.S. Anti-Doping Agency called the release “cowardly and despicable.” Leaks from WADA have continued for a third day, with hackers making good on a threat to release more details. The latest targets include Froome and fellow British Tour de France champion Bradley Wiggins. So far, data on 29 athletes have been publicized.
Reedie said whatever the result of the review, WADA “can’t spend all our money on IT.” The agency’s finances, which are based on donations from governments that are matched by the International Olympic Committee, have come into the spotlight since it emerged earlier this year that Russia had engaged in a state-sponsored doping program that lasted several years.
WADA Director-General Olivier Niggli said there was “no doubt” the hack was in retaliation for the agency’s investigation into Russia. The country’s government denies involvement and the hackers also released details of a failed test by a Russian boxer at the Rio 2016 Olympics.
“The IOC is cooperating with WADA and has full confidence in their approach, the Olympic Committee said in an e-mail. “At the same time the IOC is checking their systems to take any necessary preventive measures.”
To boost its coffers WADA is for the first time targeting companies that sponsor sports. Still, Reedie said getting more public money is unlikely given “governments aren’t falling over themselves to spend money on anything at the moment.”
The agency is trying to persuade sponsors and broadcasters, which spend billions of dollars on events like the World Cup and the Olympics, that “clean sport is essential to their business,” Reedie said. “We need to to try to persuade people who are rich beyond Croesus.”