UK pins 'cynical and reckless' Olympic cyberattacks on Russia
Government attributes 2018 campaign to Moscow and claims more assaults were planned for cancelled 2020 summer games
Credit: NurPhoto/NurPhoto/PA Images
The government has attributed to Russia a campaign of cyberattacks that took place during the 2018 winter Olympic and Paralympic games – and claimed that more incursions were planned for this year’s cancelled summer games.
Cyber specialists from Russian military intelligence unit the GRU attempted to disrupt the 2018 winter games in the Korean county of Pyeongchang with a series of attacks on resorts, Olympic officials, and government targets, the National Cyber Security Centre has concluded. This is the first time that any such attacks have been attributed.
“The GRU’s cyber unit attempted to disguise itself as North Korean and Chinese hackers when it targeted the opening ceremony of the 2018 winter games,” the government said. “It went on to target broadcasters, a ski resort, Olympic officials and sponsors of the games in 2018. The GRU deployed data-deletion malware against the winter games IT systems and targeted devices across the Republic of Korea using VPNFilter. The NCSC assesses that the incident was intended to sabotage the running of the winter Olympic and Paralympic games, as the malware was designed to wipe data from and disable computers and networks.”
Security professionals working at the games mitigated the impact of the attack with an effort to “isolate the malware and replace the affected computers, preventing potential disruption”.
The government claims that Russia had conducted “cyber reconnaissance” ahead of similar planned attacks against the summer Olympics that were scheduled to have taken place in Tokyo this year, before being postponed due to coronavirus. Targets for these assaults include “organisers, logistics services and sponsors”.
In the last couple of years, the UK has become increasingly vocal in attributing attacks to the GRU; these include cyber offences in spring 2018 targeted at two government agencies: the Foreign and Commonwealth Office; and the Defence Science and Technology Laboratory.
Foreign Secretary Dominic Raab said: “The GRU’s actions against the Olympic and Paralympic games are cynical and reckless. We condemn them in the strongest possible terms. The UK will continue to work with our allies to call out and counter future malicious cyberattacks.”
The UK has often stood alongside the US and other international allies in calling out alleged Russian cyber aggression and the US Department of Justice also announced this week that it has brought charges against the GRU cyber unit – which is reported to go by the codenames Sandworm and VoodooBear. The charges relate to the attacks on the Pyeongchang winter Olympics and on the UK’s Dstl military research unit.
Coronavirus has shown the power of data and, according to Sue Daley of techUK, it is crucial that the UK implements the right laws to govern its use and protection
Whistleblower raised concerns about practice that went unheeded
Up to 11 million UK accounts recently saw personal information published online
Dstl opens north-east base
Higher Education institutions are some of the most consistently targeted organisations for cyberattacks. CrowdStrike explores the importance of the right cybersecurity measures.
There are many reasons to keep your Oracle workloads running on local servers. But there are even more reasons to move them to the cloud as part of a wider digital transition strategy. Six Degrees...
SolarWinds explains how public sector organisations can make the most of their hybrid IT investments - delivering services that are both innovative and reliable