Russian Spies Attacked Olympic Games With Malware

The GRU, Russia’s military intelligence service are accused of hacking officials and organisations at the 2020 Olympic and Paralympic Games which were were due to take place in Tokyo in th 2020 summer, before being postponed due to the Coronavirus epidemic. The attacks on the 2020 Summer Games are the latest in a campaign of Russian malicious cyber activity against the Olympic and Paralympic Games.

Many previous ascribed Russian cyber-attacks have been against the state institutions of Moscow’s political opponents, but some of this activity has been directed at the agencies conducting inquiries into Russian sports doping.

The British government has recently confirmed  the extent of GRU targeting of the 2018 Winter Olympic and Paralympic Games in Pyongyang, Republic of Korea, disguising itself as North Korean and Chinese hackers when it targeted the opening ceremony of the 2018 Winter Games. It went on to target broadcasters, a ski resort, Olympic officials and sponsors of the games in 2018. Foreign Secretary Dominic Raab said, “The GRU’s actions against the Olympic and Paralympic Games are cynical and reckless. We condemn them in the strongest possible terms…The UK will continue to work with our allies to call out and counter future malicious cyber-attacks”.

On 19th October, the US Department of Justice announced criminal charges against Russian military intelligence officers working for the GRU’s destructive cyber unit, also known by the code names Sandworm and VoodooBear. 

These charges are for conducting cyberattacks against the 2018 Winter Games and other cyber-attacks, including the 2018 spear phishing attacks against the UK’s Defence Science and Technology Laboratory. Britain is the first government to confirm details of the breadth of a previously reported Russian attempt to disrupt the 2018 winter Olympics and Paralympics in Pyongyang, South Korea. It declared with what it described as 95% confidence that the disruption of both the winter and summer Olympics was carried out remotely by the GRU unit 74455.

The GRU attacks have used some of the world’s most destructive malware known including: KillDisk and Industroyer, which each caused blackouts in UkraineNotPetya, which caused nearly $1 billion in losses to the three victims identified in the indictment and Olympic Destroyer, which disrupted thousands of computers used to support the 2018 Pyongyang Winter Olympics.  

The revelations potentially come at a difficult time for Donald Trump as the issue of Russian interference in US politics has reappeared in the presidential election campaign. 

President Trump’s personal lawyer Rudy Giuliani and the New York Post have been accused of unwittingly letting themselves be used by Russia to spread disinformation about the Democratic candidate, Joe Biden. The allegations emerged as officials in the United States were indicting the Russian intelligence operatives for interfering with the 2017 French presidential election, shutting down parts of Ukraine's power grid and launching cyber attacks against the 2018 Winter Olympics in South Korea.

The US indictment charges the defendants with conspiracy, computer hacking, wire fraud, aggravated identity theft, and false registration of a domain name.

GovUK:     US Dept. of Justice:      Guardian:        Brisbane Times:     Reuters:

You Might Also Read:

Reshaping The Future Of War With Malware:

 

« British Airways Breach
Voter Data Being Used To Disrupt US Election »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Digital Shadows

Digital Shadows

Digital Shadows is a cyber threat intelligence company that helps clients discover sensitive data exposed through social media, cloud services and mobile devices

Software Testing News

Software Testing News

Software Testing News provides the latest news in the industry; from the most up-to-date reports in web security to the latest testing tool that can help you perform better.

Oppida

Oppida

Oppida provides tailored IT security services to help you identify security gaps and assist in finding the most effective remediation.

Sage Designs

Sage Designs

Sage Designs is a provider of SCADA, Security & Industrial Automation products and training programs.

Sabasai

Sabasai

Sabasai specialises in all aspects of insider threat management from training and education to building security frameworks and insider threat programs to on-site risk & vulnerability assessments.

Computest

Computest

Computest security testing services include Mobile app security, Vulnerability assessments, Attack & penetration testing, Security awareness training, Network security assessments.

National Cybersecurity Hub - South Africa

National Cybersecurity Hub - South Africa

The mission of the National Cybersecurity Hub is to be the central point of collaboration for cybersecurity incidents in South Africa.

Clavis Information Security

Clavis Information Security

Clavis is an Information Security company offering a complete portfolio of solutions from Pentesting and Security Assessments to Managed Security Services and Training.

Smart Protection

Smart Protection

Smart Protection are experts in brand and trademark protection - we fight against counterfeits and unauthorized usages of brands with machine learning technology.

Upper Peninsula Cybersecurity Institute - Northern Michigan University

Upper Peninsula Cybersecurity Institute - Northern Michigan University

Upper Peninsula Cybersecurity Institute at Northern Michigan University offers non-degree and industry credentials relevant to emerging careers in cybersecurity.

Blaick Technologies

Blaick Technologies

Blaick is an Israeli cyber-security company which deploys proprietary Artificial Intelligence threats detection technology for early prevention of online cyber crime.

Cyber Defence Solutions (CDS)

Cyber Defence Solutions (CDS)

Cyber Defence Solutions is a cyber and privacy Consultancy with extensive experience in the development and implementation of cyber and data security solutions to your assets.

Guernsey

Guernsey

Guernsey provides a wide range of engineering, architecture and consulting services to multiple markets, including cybersecurity consulting and CMMC certification.

Cyber-Security Council Germany

Cyber-Security Council Germany

The German Cyber Security Council's objective is to consult businesses, government agencies and political decision-makers and to support them against cybercrime.

Theori

Theori

Theori tackles the most difficult cybersecurity challenges from an attacker’s perspective and conquers them as the best strategic security experts.

Robust Intelligence

Robust Intelligence

Robust Intelligence enables enterprises to secure their AI transformation with an automated solution to protect against security and safety threats.