Russian Spies Attacked Olympic Games With Malware

Uploaded on 2020-10-23 in INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW, INTELLIGENCE-Hot Spots-Russia, TECHNOLOGY--Hackers

The GRU, Russia’s military intelligence service are accused of hacking officials and organisations at the 2020 Olympic and Paralympic Games which were were due to take place in Tokyo in th 2020 summer, before being postponed due to the Coronavirus epidemic. The attacks on the 2020 Summer Games are the latest in a campaign of Russian malicious cyber activity against the Olympic and Paralympic Games.

Many previous ascribed Russian cyber-attacks have been against the state institutions of Moscow’s political opponents, but some of this activity has been directed at the agencies conducting inquiries into Russian sports doping.

The British government has recently confirmed  the extent of GRU targeting of the 2018 Winter Olympic and Paralympic Games in Pyongyang, Republic of Korea, disguising itself as North Korean and Chinese hackers when it targeted the opening ceremony of the 2018 Winter Games. It went on to target broadcasters, a ski resort, Olympic officials and sponsors of the games in 2018. Foreign Secretary Dominic Raab said, “The GRU’s actions against the Olympic and Paralympic Games are cynical and reckless. We condemn them in the strongest possible terms…The UK will continue to work with our allies to call out and counter future malicious cyber-attacks”.

On 19th October, the US Department of Justice announced criminal charges against Russian military intelligence officers working for the GRU’s destructive cyber unit, also known by the code names Sandworm and VoodooBear. 

These charges are for conducting cyberattacks against the 2018 Winter Games and other cyber-attacks, including the 2018 spear phishing attacks against the UK’s Defence Science and Technology Laboratory. Britain is the first government to confirm details of the breadth of a previously reported Russian attempt to disrupt the 2018 winter Olympics and Paralympics in Pyongyang, South Korea. It declared with what it described as 95% confidence that the disruption of both the winter and summer Olympics was carried out remotely by the GRU unit 74455.

The GRU attacks have used some of the world’s most destructive malware known including: KillDisk and Industroyer, which each caused blackouts in UkraineNotPetya, which caused nearly $1 billion in losses to the three victims identified in the indictment and Olympic Destroyer, which disrupted thousands of computers used to support the 2018 Pyongyang Winter Olympics.  

The revelations potentially come at a difficult time for Donald Trump as the issue of Russian interference in US politics has reappeared in the presidential election campaign. 

President Trump’s personal lawyer Rudy Giuliani and the New York Post have been accused of unwittingly letting themselves be used by Russia to spread disinformation about the Democratic candidate, Joe Biden. The allegations emerged as officials in the United States were indicting the Russian intelligence operatives for interfering with the 2017 French presidential election, shutting down parts of Ukraine's power grid and launching cyber attacks against the 2018 Winter Olympics in South Korea.

The US indictment charges the defendants with conspiracy, computer hacking, wire fraud, aggravated identity theft, and false registration of a domain name.

GovUK:     US Dept. of Justice:      Guardian:        Brisbane Times:     Reuters:

You Might Also Read:

Reshaping The Future Of War With Malware:

 

« British Airways Breach
Voter Data Being Used To Disrupt US Election »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

QATestLab

QATestLab

QATestLab is a leading International software testing company offering a full range of software testing services including security testing.

Telia Cygate

Telia Cygate

Cygate are specialists in information security, data networks, and data centre and cloud technologies.

Kount

Kount

Kount's “decision engine” platform is ideal for managing fraud in online/telephone channels that process payments and onboard new customers.

Secmentis

Secmentis

Secmentis is a cyber security consultancy specializing in penetration testing, threat intelligence, and proactive defense for your IT infrastructure.

Cybonet

Cybonet

Cybonet provides easy to deploy, flexible and scalable security solutions that empower organizations of all sizes to actively safeguard their networks in the face of today’s evolving threats.

Georgia Cyber Center

Georgia Cyber Center

Georgia Cyber Center is dedicated to training the next generation of professionals through education and real-world practice while also supporting innovation in new technologies for online defenses.

EU Joint Research Centre

EU Joint Research Centre

JRC is the European Commission's science and knowledge service which employs scientists to carry out research in order to provide independent scientific advice and support to EU policy.

RocketCyber

RocketCyber

RocketCyber is a Managed SOC platform empowering Managed Service Providers (MSPs) to deliver security services to small and medium businesses.

Aquia

Aquia

Aquia are on a mission to enable innovation and drive transformative change to solve the world’s most pressing and complex cybersecurity challenges.

Alchemy Security Consulting

Alchemy Security Consulting

Alchemy Security Consulting specialise in offensive and defensive cyber security. We find the weak link in your security so you can patch it up fast and avoid being hacked.

Alcatel-Lucent Enterprise (ALE)

Alcatel-Lucent Enterprise (ALE)

We are Alcatel-Lucent Enterprise. Our mission is to make everything connect with digital age networking, communications and cloud solutions.

Oak9

Oak9

Oak9's Security as Code platform dynamically secures Infrastructure as Code (IaC) and deployed cloud workloads, automatically.

Interpres Security

Interpres Security

Interpres Security operationalizes TTP-based threat intelligence and automates continuous exposure monitoring to help CISOs and security practitioners reduce threat exposure.

Cyberverse Foundation

Cyberverse Foundation

Cyberverse Foundation is an organization dedicated to building a robust cybersecurity ecosystem in India.

Identifly

Identifly

Identifly is the leading Australian independent identity consultancy and partner in Australia, helping enterprises implement large scale identity security projects fast.

CloudQuery

CloudQuery

CloudQuery - bringing clarity into cloud infrastructure. The developer-first cloud governance platform for full visibility into security, compliance, and cost.