U.S. intelligence officials are accusing Russian military spies of having hacked hundreds of computers at the Winter Olympics in Pyeongchang, South Korea — and the hackers apparently tried to make it look like the attack was coming from North Korea. The Washington Post reports that, according to two unnamed U.S. officials, the Russian military agency GRU obtained access to as many as 300 computers being used by Olympic authorities. They also hacked routers in South Korea last month, and launched malware on the first day of the Games.
The attack was likely intended as retaliation against the International Olympic Committee for banning the Russian team from the Games because of the country’s widespread use of doping to cheat in past Olympics. Russian athletes could still compete this winter, but couldn’t display the Russian flag or play Russia’s national anthem during their medal ceremonies.
Olympic officials had acknowledged a disruptive cyberattack on computer systems at the Games during the Opening Ceremony, but they never said who was responsible. The GRU apparently tried to mask its attacks by using North Korean IP addresses, a misdirection effort known as a “false-flag” operation.
The information warfare unit that carried out the attack is believed to be the same one that had conducted other attacks on the West and in Ukraine. Also, in January, the GRU-linked Fancy Bear cyberespionage group published emails stolen from the accounts of IOC and anti-doping officials in an attempt to create controversy and sow discord among international sports officials.
The GRU also hacked the 2016 Summer Games, probably in retaliation for the banning of almost the entire Russian track and field team over doping that year. Hackers obtained access to athletes’ confidential medical information and test results, and then published the information of some top U.S. athletes.