Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Britain accuses Russia of cyberattacks on Tokyo 2020 Olympics

Russian agents tried to disguise themselves as Chinese and North Korean hackers in ‘false-flag’ operations, UK alleges

Kim Sengupta
defence editor
Tuesday 20 October 2020 10:45 BST
Comments
UK exposes Russian cyber attacks against Tokyo Olympics

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Britain has accused Russian intelligence of carrying out a series of cyberattacks on the 2020 Summer Olympics in Tokyo with security officials warning that the postponed Games due to take place next year may also be targeted.

UK and allied intelligence services discovered that the Russian military intelligence service, GRU, attempted to disguise itself as Chinese and North Korean hackers in “false-flag” operations to disrupt the Games.

The attacks started, according to security officials, in September last year, days before the World Anti-Doping Agency (Wada) threatened to ban Russian athletes from the Olympics and other major international sporting events.

The GRU, which has been accused, among other things, of the Salisbury Novichok poisoning and the hacking of the Democratic National Committee (DNC) computers during the 2016 US election campaign, also carried out cyberattacks on the 2018 Winter Olympics in South Korea, using the malware “Olympic Destroyer”.  

Foreign secretary Dominic Raab said: “The GRU’s actions against the Olympic and Paralympic Games are cynical and reckless. We condemn them in the strongest possible terms. The UK will continue to work with our allies to call out and counter future malicious cyberattacks.”

In July the European Union issued its first ever sanctions against those accused of cyberattacks including a unit of the GRU. Britain and the European Union have imposed sanctions on Alexander Petrov and Ruslan Boshirov, the two Russian military intelligence officers accused of carrying out the Salisbury poisoning, as well as the leadership of the service, including GRU chief, Igor Olegovich Kostyukov, and his deputy, Vladimir Stepanovich Alexseyev.

Last week the UK and the European Union imposed sanctions on senior Kremlin officials, including Alexander Bortnikov, the head of the Federal Security Service (FSB), the successor intelligence agency to the Soviet KGB, over the poisoning of the opposition leader Alexei Navalny.

The Foreign Office and the National Cyber Security Centre (NCSC) said: “Russia’s military intelligence service - the GRU - conducted cyber reconnaissance against officials and organisations at the 2020 Olympic and Paralympic Games due to take place in Tokyo this summer before they were postponed. The targets included the Games’s organisers, logistics services and sponsors.

“The attacks on the 2020 summer Games are the latest in a campaign of Russian malicious activity against the Olympic and Paralympic Games. The UK is confirming for the first time today the extent of GRU targeting of the 2018 Winter Olympic and Paralympic Games in Pyeongchang, Republic of Korea. 

“The GRU’s cyber unit attempted to disguise itself as North Korean and Chinese hackers when it targeted the opening ceremony of the 2018 Winter Games. It went on to target broadcasters, a ski resort, Olympic officials and sponsors of the Games in 2018.”

The NCSC stated that the cyberattacks were committed by the GRU’s Main Centre for Special Technologies (GTsST), known by its field post number 74455 in security circles, and also as  Sandworm, BlackEnergy Group, Telebots VoodooBear, Iron Viking, Quedagh,  Electrum, Industroyer and G0034.

In March 2018, says the NCSC, the GRU attempted to compromise the Foreign Office’s computers in London, and in April 2018 it attempted to hack the system at Defence and Science Technology Laboratory (DSTL). In October 2017 malware was used to infect thousands of home and small business routers and network devices worldwide.

On the 2018 Olympics attack, the NCSC says “intent behind the incident was almost certainly sabotage as the malware was designed to wipe data from and disable computers and networks. Disruption to the Winter Olympics could have been greater if it had not been for administrators who worked to isolate the malware and replace affected computers”.

Black Energy, Industroyor, NotPetya and BadRabbit carried out severe cyberattacks on Ukraine between 2015 and 2017, says NCSC. In October 2019 the GRU is also said to have carried out large-scale cyberattacks on Georgia.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in