hankyoreh

The opening ceremony of the 2018 Pyeongchang Winter Olympics. (Pyeongchang Olympics website)

The US and the UK said that Russia was behind a cyber attack on the 2018 Winter Olympics in Pyeongchang, South Korea. The US has filed charges against six intelligence officers with the Russian military in connection with the attack.

The UK’s National Cyber Security Centre (NCSC) announced on Oct. 19 that a unit with Russia’s intelligence service carried out a cyber attack that disrupted events at the Pyeongchang Winter Olympics and Paralympics in 2018.

Following a joint investigation with American intelligence agencies into the Russian cyber attack, the NCSC reported that the attack had been carried out by Military Unit 74455 of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation, better known as GRU. The NCSC said it had established with 95% certainty that Unit 74455 had remotely carried out the disruption of the Pyeongchang Olympics.

According to the British government, Unit 74455 targeted the opening ceremony of the Pyeongchang Olympics while posing as North Korean and Chinese hackers. The unit took down Olympics websites, preventing visitors from printing their admission tickets and blocking digital billboards and Wi-Fi in the stands.

Other major targets of the hacking operation were broadcasters, ski resorts, officials from the Olympics, service providers, and sponsors. That means that the Russia cyber attack on the Olympics impacted not only South Korea but also foreign organizations and individuals connected with the Olympic events. GRU also infiltrated the Pyeongchang Olympics’ IT systems, inserting malicious code designed to delete data.

In addition, the NCSC said that the Russian hackers hatched a plan to launch a cyber attack against the Tokyo Olympics, which were scheduled to be held this summer. The Tokyo Olympics have been delayed because of the COVID-19 pandemic.

UK officials believe that the hackers planned to sow confusion among visitors, athletes, and sponsors at the Tokyo Olympics by stealing important information through phishing attacks, setting up fake websites, and taking over secure accounts from individuals.

“The GRU’s actions against the Olympic and Paralympic Games are cynical and reckless. We condemn them in the strongest possible terms,” said UK Foreign Secretary Dominic Raab.

While Russian hackers had previously targeted state organizations opposed to Russia, they extended their cyber attacks to sports events because Russian athletes were banned from the Tokyo Olympics following a doping scandal.

In December 2019, Russia was banned from participating in international sporting events for four years by the World Anti-Doping Agency. That ruling followed accusations that Russia’s anti-doping body had submitted falsified data to WADA that January. Russia criticized the ban as “anti-Russian hysteria.”

The Guardian said that Russia’s cyber attack on the Pyeongchang Winter Olympics foreshadowed its determination to infiltrate and blackmail organizations seeking to investigate its doping practices.

The US government indicted six Russian intelligence officers on charges of hacking the Pyeongchang Winter Olympics on Oct. 19. The officers are charged with using a worm called NotPetya to attack the Pyeongchang Olympics and a hospital in Pennsylvania. The hackers allegedly developed NotPetya, Olympic Destroyer, and other types of malware and carried out phishing attacks on officials from an Olympics organizing committee and the governments of France and Georgia.

The US Justice Department believes that the NotPetya worm caused more than US$10 billion of damage altogether at more than 300 sites. That would make NotPetya the most destructive cyber attack in history.

US Assistant Attorney General John Demers said that the Olympic Destroyer cyber attack, carried out in retaliation for the doping investigation into Russia’s Olympic team, “combined the emotional maturity of a petulant child with the resources of a nation state.”

“As this case shows, no country has weaponized its cyber capabilities as maliciously and irresponsibly as Russia,” Demers said, noting that three American entities targeted by the attack had suffered damages amounting to US$1 billion.

By Jung E-gil, senior staff writer

Please direct comments or questions to [english@hani.co.kr]