The UK Government determined the Russian military intelligence service (GRU) guilty of carrying cyber attacks on those involved in 2020 Tokyo Olympics organisation aimed at its disruption.
The Foreign, Commonwealth and Development Office (FCDO) and National Cyber Security Centre (NCSC) said the activity was the latest incident in a string of cyber attacks on the Olympic and Paralympic Games, which previously saw the GRU target the 2018 Winter Olympic and Paralympic Games in Pyeongchang, South Korea.
The cyber agency said the GRU used data-deletion malware in those attacks with the intention of sabotaging the running of both the Winter Olympic and Paralympic Games, as the malware was designed to wipe information from computers and to disable them.
Prosecutors say the hackers unleashed a devastating malicious software attack during the opening ceremony in February 2018 that deleted data from thousands of computers related to the event and left them inoperable. Russia then tried to pin blame on North Korea in what prosecutors say was a failed “false flag” attempt.
The unit is known as the Main Centre for Special Technologies (GTsST), as well as by its field post number 74455 and a number of other names online, including Sandworm and VoodooBear.
The NCSC said the same unit is also responsible for an attack on the UK Foreign Office’s computer systems in March 2018, and another targeting the Defence and Science Technology Laboratory (DSTL) in April of the same year, which at the time was investigating the Salisbury Novichok poisoning.
Similar charges the US Justice Department announced Monday against Russian intelligence officers who were found guilty of global cyberattacks that targeted a French presidential election, the Winter Olympics in South Korea and American business. The facts show that the same Kremlin unit that interfered in the 2016 U.S. elections caused the attacks. The result of attacks was billions of dollars in losses, disruption of living environment, particularly health care in Pennsylvania, power grid serving in Ukraine and the late-stage disclosure of hacked emails in France.
The purpose of six defendants, all said to be current and former officers in the Russian military intelligence agency known, was at furthering the Kremlin’s geopolitical interests and in destabilizing or punishing perceived enemies.
That was not for the first time when Russian involvement in hacker attacks. Past cases have focused on attacks against targets like internet giant Yahoo and the 2016 presidential contest, when Russian hackers from the GRU stole Democratic emails that were released online in the weeks before the election.
Another attack was aimed at disrupting the 2017 presidential election in France through hacks that targeted local government entities, campaigns and political parties, including the party of current President Emmanuel Macron.
In July the European Union issued its first ever sanctions against those accused of cyber-attacks including a unit of the GRU. Britain and the European Union have imposed sanctions on Alexander Petrov and Ruslan Boshirov, the two Russian military intelligence officers accused of carrying out the Salisbury poisoning, as well as the leadership of the service, including GRU chief, Igor Olegovich Kostyukov, and his deputy, Vladimir Stepanovich Alexseyev.
“Time and again, Russia has made it clear: They will not abide by accepted norms, and instead, they intend to continue their destructive, destabilizing cyber behaviour,” said FBI Deputy Director David Bowdich.
Robert Lee, a security researcher who helped uncover the malware used in one of the hacks, said U.S. and European political leaders should have done more at the time to call out Russia and make clear that attacks on power grids are unacceptable.