After Russia was found to have engaged in state-sponsored doping during the 2014 Sochi Winter Games, the International Olympic Committee limited Russian athletes’ participation in the 2016 Games. The IOC also banned Russia from the 2018 Olympics, though some Russian athletes, who were not doping, were allowed to participate under the Olympic flag.

When anti-doping organizations began investigating and speaking out publicly against Russia’s actions, the hackers began intruding into their networks, according to the indictment. The FBI investigation found that these hackers worked remotely from Russia as well as on the ground in several other countries.

For example, during the 2016 Summer Games in Rio de Janeiro, Brazil, the GRU agents sent spear-phishing e-mails that enabled them to find the credentials of an anti-doping official, providing access to sensitive databases. Additionally, coordinating with hackers back in Russia, two members of the group traveled to Rio on another occasion to engage in “close access” cyber operations on a hotel Wi-Fi network that anti-doping officials were using. This gave them access to an anti-doping official’s e-mail account with sensitive information in it.

The hacks were conducted as part of an influence and disinformation campaign designed to undermine and delegitimize organizations that exposed Russia’s state-sponsored doping, expose private health information about athletes from other countries, and damage the reputations of other international athletes by falsely claiming they were using banned substances.