Russia’s cyber war on the Olympics
REVEALED: How British spies exposed and disrupted...
A RUSSIAN plot to sabotage the Olympic games through a series of ‘cynical and reckless’ cyber attacks has been exposed and disrupted by British spies.
Britain last night accused Russia’s military intelligence of targeting officials and organisations at the 2020 Olympic and Paralympic Games due to take place in Tokyo this summer before it was postponed.
Spies at the National Cyber Security Centre (NCSC) also uncovered details of a plot to target the 2018 Winter Olympic and Paralympic Games in South Korea.
In that attack, the GRU’s cyber unit disguised itself as North Korean and Chinese hackers in what was described by the US as a ‘false-flag’ operation.
Russia’s latest attacks came after it was handed a four-year ban from all major global sporting events, including the Olympics, by the World Anti-Doping Agency. This was after Russia was found to have manipulated athletes’ doping data to hide failed drug tests, a decision which Russia appealed against.
Foreign Secretary Dominic Raab said of
‘The intention was to sabotage the Games’
the attacks: ‘The GRU’s actions against the Olympic and Paralympic Games are cynical and reckless. We condemn them in the strongest possible terms. The UK will continue to work with our allies to call out and counter future malicious cyber-attacks.’
The GRU’s cyber unit is alleged to have conducted cyber reconnaissance against organisers, logistics services and sponsors of the Tokyo Games.
This was with the intent of compromising computer systems and sabotaging the running of the Games, the UK said.
The NCSC said it had uncovered new details on Russian cyber-attacks on the 2018 Pyeongchang Games. It said the GRU’s cyber unit attempted to disguise itself as North Korean and Chinese hackers when it targeted the Winter Games’ opening ceremony.
The cyber agency, which is part of Britain’s eavesdropping agency GCHQ, said the GRU had used data- deletion malware in those attacks.
It is understood both the method used and ‘ technical DNA’ within the coding deliberately pointed to an attack by North Korea or China. The NCSC said the intention was to ‘sabotage’ the running of both the Winter Olympic and Paralympic Games because the malware was designed to wipe information from computers and to disable them.
Experts said administrators had worked to isolate the malware and replace affected computers, which had prevented any potential disruption.
This is the first time the attacks have been publicly attributed to the work of the GRU. The Government said the GRU unit behind the attacks on the Olympics is the same one which targeted Ukraine’s electricity grid in 2015.
It was also behind the NotPetya cyber-attack of 2017 which hit Ukrainian financial, energy, and government sectors as well as other European businesses.
The unit is known as the Main Centre for Special Technologies (GTsST), as well as by its field post number 74455 and a number of other names online, including Sandworm and VoodooBear. The NCSC said the same unit is also responsible for an attack on the UK Foreign Office’s computer systems in March 2018, and another targeting the Defence and Science Technology Laboratory (DSTL) in April of the same year.
At that timeDSTL was investigating the Salisbury Novichok poisoning. It is understood the UK is considering any further responses to the attacks.
Paul Chichester, the NCSC’s Director of Operations, said: ‘We condemn these attacks carried out by the GRU and fully support the criminal charges announced today by the US Department of Justice.
‘These attacks have had very real consequences around the world – both to national economies and the everyday lives of people.
‘We will continue to work with our allies to ensure that we are the hardest possible target for those that seek to cause disruption and harm in cyberspace.’