Microsoft to shield world chess champion from Russian hackers

Magnus Carlsen, the world-reigning king of chess from Norway, has asked Microsoft to protect him from Russian hackers as he prepares for Friday’s World Championship.

Carlsen will be playing against challenger Sergey Karjakin, from Ukraine – a player whom the Telegraph describes as “fiercely patriotic” and a “darling” of Russian president Vladimir Putin.

25-year-old Carlsen has reportedly spent months preparing for the grueling 12-game match and is currently training at an undisclosed spot in the Caribbean.

He’s relied heavily on high-powered computers to help him analyze his moves. Having his preparations hacked and his moves and analysis stolen could jeopardize his chances of winning, according to Vibeke Hansen, head of communications at Microsoft Norway:

The element of surprise is vitally important in chess.

The last few months before a match are filled with a lot of preparation and hard work; it is crucial that no data is lost or compromised.

Hansen said that Microsoft will protect Carlsen by ensuring he’s got a safe training environment, along with secure communication and collaboration tools.

Those are sound precautions, given how active Russian hacking groups have been lately.

Last Monday, Google disclosed that a critical unpatched Windows vulnerability was being actively exploited.

The following day, Microsoft said a hacking group tied to Russia had launched a targeted spear-phishing attack against unspecified organizations, using the Windows zero-day and two zero-days in Adobe Flash (now patched).

Microsoft said in a threat bulletin that the group behind the attack was Strontium – also known as APT 28, Pawn Storm, Sofancy or Fancy Bear.

Fancy Bear has been tied to the attack on the Democratic National Committee (DNC) and one on the World Anti-Doping Agency (WADA), the latter of which led to the publishing of private details about Olympic stars including Simone Biles.

SecureWorks, a security firm that’s been tracking Fancy Bear for the past year, has published a report about the Russian group’s use of Bitly links in spearphishing campaigns, including the one that captured the Gmail login of John Podesta, Hillary Clinton’s campaign manager.

Microsoft said that Fancy Bear usually targets government agencies, diplomatic institutions, military organizations and affiliated private-sector organizations such as defense contractors and public policy research institutes.

It’s a busy and persistent, group, says Microsoft:

Microsoft has attributed more 0-day exploits to STRONTIUM than any other tracked group in 2016. STRONTIUM frequently uses compromised e-mail accounts from one victim to send malicious e-mails to a second victim and will persistently pursue specific targets for months until they are successful in compromising the victims’ computer.

Once inside, STRONTIUM moves laterally throughout the victim network, entrenches itself as deeply as possible to guarantee persistent access, and steals sensitive information.