The UK government has accused Russian hackers of targeting the Tokyo Olympic Games with a series of cyber attacks, with the ultimate goal of disrupting the games which have been postponed to 2021.
Representatives of the UK’s National Cyber Security Centre and Foreign Office have said that Russia’s military and cyber intelligence division – the GRU – was guilty of carrying out a number of “cyber reconnaissance” operations against Olympic officials and organisations supporting the games.
The revelations come after the National Cyber Security Centre detailed a collaborative campaign with US intelligence agencies to both locate and disrupt attempts by hackers targeting the Olympic Games. They allege that hackers belonging to the Russian cyber intelligence community were targeting Olympic Games sponsors, broadcasters, logistics companies, committees, officials and organising groups of the games.
Some have speculated that this may be a form of revenge from Russia after it was banned from competing in the 2020 Tokyo Olympic Games due to wide-scale doping allegations that reached even high-profile government figures.
The UK’s Assistant Attorney General, John Demers has issued a statement saying that “no country has weaponised its cyber capabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented collateral damage to pursue small tactical advantages and fits of spite.”
Demers added that the campaign was “the most disruptive and destructive series of computer attacks ever attributed to a single group,” stating that the group was responsible for causing damages worth more than $1 billion.
Demers referred to the series of hacks as the “Olympic Destroyer” campaign, which he suggests is a form of revenge for an international doping investigation into Russia. Demers says that Russian attempts to disrupt the Olympic Games “combined the emotional maturity of a petulant child with the resources of a nation state.”
The Assistant Attorney General’s remarks were backed up by Foreign Secretary, Dominic Raab who called the actions of the GRU “cynical and reckless.”
“We condemn then in the strongest possible terms,” Raab said, adding that “the UK will continue to work with our allies to call out and counter future malicious cyber-attacks.”
A member of the Tokyo Olympics organising committee has told The Guardian that “Tokyo 2020 sees cyber security as an important aspect of hosting the Games, and the Tokyo 2020 organising committee has been taking a range of measures and making thorough preparations.”
“Although we are not able to disclose details of the countermeasures due to the nature of the topic, we will continue to work closely with the relevant organisations and authorities to ensure that they are thoroughly implemented.”
Katsunobu Kato, Japan’s chief government spokesperson has said that “we would not be able to overlook an ill-intentioned cyber-attack that could undermine the foundation of democracy,” also stating that the government was collecting intelligence on parties involved in the hacking campaigns.
According to a report from The Guardian, “the UK is the first government to confirm details of the breadth of a previously reported Russian attempt to disrupt the 2018 winter Olympics and Paralympics in Pyeongchang, South Korea. It declared with what it described as 95% confidence that the disruption of both the winter and summer Olympics was carried out remotely by the GRU unit 74455.”
It comes at a time that the US Department of Justice has issued indictments against six GRU officers who have been charged with producing malware, spear phishing campaigns and ransomware that were used against Olympic, French and Georgian government officials.
The Justice Department has said that the damage bill for one piece of malicious software – NotPetya- stands at $10 billion alone, after it was successfully launched more than 300 times.