Russian Spies Attacked Olympic Games With Malware

The GRU, Russia’s military intelligence service are accused of hacking officials and organisations at the 2020 Olympic and Paralympic Games which were were due to take place in Tokyo in th 2020 summer, before being postponed due to the Coronavirus epidemic. The attacks on the 2020 Summer Games are the latest in a campaign of Russian malicious cyber activity against the Olympic and Paralympic Games.

Many previous ascribed Russian cyber-attacks have been against the state institutions of Moscow’s political opponents, but some of this activity has been directed at the agencies conducting inquiries into Russian sports doping.

The British government has recently confirmed  the extent of GRU targeting of the 2018 Winter Olympic and Paralympic Games in Pyongyang, Republic of Korea, disguising itself as North Korean and Chinese hackers when it targeted the opening ceremony of the 2018 Winter Games. It went on to target broadcasters, a ski resort, Olympic officials and sponsors of the games in 2018. Foreign Secretary Dominic Raab said, “The GRU’s actions against the Olympic and Paralympic Games are cynical and reckless. We condemn them in the strongest possible terms…The UK will continue to work with our allies to call out and counter future malicious cyber-attacks”.

On 19th October, the US Department of Justice announced criminal charges against Russian military intelligence officers working for the GRU’s destructive cyber unit, also known by the code names Sandworm and VoodooBear. 

These charges are for conducting cyberattacks against the 2018 Winter Games and other cyber-attacks, including the 2018 spear phishing attacks against the UK’s Defence Science and Technology Laboratory. Britain is the first government to confirm details of the breadth of a previously reported Russian attempt to disrupt the 2018 winter Olympics and Paralympics in Pyongyang, South Korea. It declared with what it described as 95% confidence that the disruption of both the winter and summer Olympics was carried out remotely by the GRU unit 74455.

The GRU attacks have used some of the world’s most destructive malware known including: KillDisk and Industroyer, which each caused blackouts in UkraineNotPetya, which caused nearly $1 billion in losses to the three victims identified in the indictment and Olympic Destroyer, which disrupted thousands of computers used to support the 2018 Pyongyang Winter Olympics.  

The revelations potentially come at a difficult time for Donald Trump as the issue of Russian interference in US politics has reappeared in the presidential election campaign. 

President Trump’s personal lawyer Rudy Giuliani and the New York Post have been accused of unwittingly letting themselves be used by Russia to spread disinformation about the Democratic candidate, Joe Biden. The allegations emerged as officials in the United States were indicting the Russian intelligence operatives for interfering with the 2017 French presidential election, shutting down parts of Ukraine's power grid and launching cyber attacks against the 2018 Winter Olympics in South Korea.

The US indictment charges the defendants with conspiracy, computer hacking, wire fraud, aggravated identity theft, and false registration of a domain name.

GovUK:     US Dept. of Justice:      Guardian:        Brisbane Times:     Reuters:

You Might Also Read:

Reshaping The Future Of War With Malware:

 

« British Airways Breach
Voter Data Being Used To Disrupt US Election »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Council of European Professional Informatics Societies (CEPIS)

Council of European Professional Informatics Societies (CEPIS)

CEPIS is the representative body of national informatics associations throughout Europe and represent over 450,000 ICT and informatics professionals in 32 countries.

International Conference on Information Systems Security & Privacy (ICISSP)

International Conference on Information Systems Security & Privacy (ICISSP)

The ICISSP event is a meeting point for researchers and practitioners to address security and privacy challenges concerning information systems.

Center for Strategic Cyberspace & International Studies (CSCIS)

Center for Strategic Cyberspace & International Studies (CSCIS)

CSCIS seeks to advance global cyberspace security and prosperity by providing strategic insights for cyberspace and policy solutions to decision makers.

Namogoo

Namogoo

Namogoo’s disruptive technology identifies and blocks unauthorized product ads that are injected into customer web sessions by client-side Digital Malware.

Network Integrated Business Solutions (NIBS)

Network Integrated Business Solutions (NIBS)

NIBS is an IT services provider offering a range of services with the aim of simplifying and securing technology.

Pluribus One

Pluribus One

Pluribus One develops customized solutions and other data-driven applications to secure your business and your devices.

Czech Accreditation Institute

Czech Accreditation Institute

Czech Accreditation Institute is the national accreditation body for the Czech Republic. The directory of members provides details of organisations offering certification services for ISO 27001.

Finnish Accreditation Service (FINAS)

Finnish Accreditation Service (FINAS)

FINAS is the national accreditation body for Finland. The directory of members provides details of organisations offering certification services for ISO 27001.

Africa ICS Cyber Security Conference

Africa ICS Cyber Security Conference

Africa's largest ICS Cyber Security Conference and Expo. The only platform that will proudly present top level B2B and B2C networking opportunities.

DarkOwl

DarkOwl

DarkOwl provides the world’s largest index of darknet content and the tools to efficiently find leaked or otherwise compromised sensitive data.

UMBRA

UMBRA

UMBRA is solely concerned with protecting governments against Nation State attacks. We are not a consumer or enterprise company.

Lewis Brisbois

Lewis Brisbois

Lewis Brisbois offers legal practice in more than 40 specialties, and a multitude of sub-specialties including Data Privacy & Cybersecurity.

IDX

IDX

IDX is the leading consumer privacy platform built for agility in the digital age.

CyberconIQ

CyberconIQ

CyberconIQ provide an integrated Human Defense Platform that reduces the probability and/or the cost of a cybersecurity breach by measurably improving our clients risk posture and compliance culture.

AuthMind

AuthMind

Prevent your next identity-related cyberattack with the AuthMind Identity SecOps Platform. It works anywhere and deploys in minutes.

Trustmi

Trustmi

Trustmi is a leading fintech cybersecurity solution designed to prevent financial losses from fraud and errors, 24/7.