U.S. Officials: Russia Hacked Olympics, Tried to Frame North Korea

Russia hacked opening ceremony Olympics North Korea

Over the weekend, anonymous sources in U.S. intelligence acknowledged what has long been suspected: Russia was responsible for the hack on the 2018 Winter Olympics Opening Ceremony. This revelation has not been publicly confirmed; U.S. intelligence bureaus have so far declined official comment on the matter.

The February 9 Opening Ceremony suffered a disruption-oriented attack that affected ticket sales and broadcasts, resulting in large swatches of empty seats during the games. According to the new information, Russia’s intelligence agency GRU accessed as many as 300 Olympics-affiliated computers and deployed malware across host country South Korea’s routers on that day. There is a distinct possibility that the Opening Ceremony hacks coincided with covert intelligence gathering efforts.  

Jake Williams, former National Security Agency cyber-operator and cofounder of cybersecurity firm Rendition Infosec, said in a statement to the Chicago Tribune: “Anyone who controls a router would be able to redirect traffic for one or more selected targets or cause total disruption in the network by stopping the routing entirely. Development of router malware is extremely costly, and Russia would likely use it only in locations where it contributes to accomplishing a high-value goal.”

What that goal might be is not as yet clear. The suspected motive behind the attack is the barring of Russian officials and many Russian athletes due to systematic doping violations. Those athletes from Russia allowed to compete had to do so under the Olympic flag and anthem. Russia has denied all involvement in the hack.

Most distressingly, the GRU attempted to conduct the attack as a “false flag” operation, using North Korean IP addresses and other methods to make the hack look like the work of South Korea’s bitter enemy. Such a tactic has been used before by nation-states around the world, but with the increasing escalation of nation-state attacks it may prove a dangerous precedent in digital warfare. After all, without the ability to accurately attribute attacks, we may not know how to block them…or who to be blocking against.   

 

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner

Leave a Reply

Your email address will not be published. Required fields are marked *