At the Winter Olympics of 2018, Russian military spies are believed to have hacked 100’s of computers and attempted to put the blame on North Korea. US intelligence officials spoke to the Washington Post anonymously and claimed that the Russian agents attacked around 300 computers that were being used by the Olympics Authorities.
These Russian agents managed to hack routers and even distributed a new malicious virus leading up to and during the Olympics opening ceremony which was held in Pyeongchang, South Korea.
Earlier in the month of February, Olympic officials confirmed that the Games were attacked by cyber-criminals during the opening of the ceremony on February 9th. This cyber-attack resulted in the official Pyeongchang site to go offline and the Wi-Fi networks in the stadium were also disrupted which led to Internet Protocol Televisions (IPTVs) to not work at the Main Press Center.
The officials refused to let the public know who was behind this cyber-attack. The cyber security researchers at Cisco’s Talos, CrowdStrike and FireEye have identified this malware as the Olympic Destroyer and they believe that its main aim was to destroy targeted systems and wipe any file on the shared network drives. It also caused the website to shut down for over 2 hours which left many attendees unable to get a ticket for the ceremony.
Security experts believe that this attack was carried out to embarrass the organizers and ruin their event instead of stealing data. When speaking to The Post, two US officials claim that Russia’s military intelligence agency, the GRU, is behind this attack and that the Russians infiltrated 300 computers which had data regarding the Olympics. They also added saying that the GRU made the attack seem like it was carried out by North Korea and their hackers by using North Korean IP address. They said that this tactic is known as the ‘false-flag operation’.
It is still not clear whether the Russians wanted to disrupt the opening ceremony or steal the data. The hackers who did this dirty work are believed to be working for GRU and are the same experts who carried out the NoyPetya cyber-attack. The NoyPetya attack of 2017, took down a large number of computers in Ukraine.
Officials believe that this Olympic attack was carried out in retaliation due to the decision made by the International Olympic Committee to ban Russia from the games. This decision was made over the alleged state-sponsored doping scandal. Some Russian athletes did compete in this game but were under a neutral flag as the “Olympic Athletes from Russia”
US officials were worried about the closing ceremony of the winter Olympic back then and claimed that they were watching it closely and will help the Koreans as they request it.
Prior to the Games, Russia has denied any hand in the Cyber-attacks that targeted the event and tried to disrupt it. The Russian ministry told Reuters at that time, “We know that Western media are planning pseudo-investigations on the theme of ‘Russian fingerprints’ in hacking attacks on information resources related to the hosting of the Winter Olympic Games in the Republic of Korea. Of course, no evidence will be presented to the world.”
Source: The Verge
