Image: Kyle Dias
The UK government said today that Russian hackers were preparing cyber-attacks against the organizers of the Tokyo Olympics and Paralympic Games that were set to take place this summer in Japan before they were postponed to next year due to the ongoing COVID-19 pandemic.
Russian activity involved reconnaissance operations, according to a press release from the UK National Cyber Security Centre (NCSC).
Targets included the Games’ organizers, logistics services, and sponsors, the UK government said in a separate press release.
“The GRU’s actions against the Olympic and Paralympic Games are cynical and reckless,” said UK Foreign Secretary Dominic Raab.
“We condemn them in the strongest possible terms.”
UK authorities believe Russian hackers intended to sabotage the Olympic Games, similar to the cyber-attacks they carried out against the organizers of the 2018 Winter Olympic and Paralympic Games in Pyeongchang, South Korea.
In February 2018, Russian hackers deployed the OlympicDestroyer malware that crippled web servers during the opening ceremony of the 2018 Winter Olympics.
The attacks were carried out because the International Olympic Committee had banned Russian athletes from participating at the event under the Russian flag, citing a state-sponsored doping program.
The same ban, originally imposed for the Rio 2016 Summer Olympics, has also been extended to the Tokyo Olympics this year, with Russian athletes being banned from competing under the Russian flag again.
Now, UK officials say that Russia appears to have been preparing similar attacks to sabotage the 2020 Olympics as well.
UK officials said that responsible for these planned attacks was a Russian hacking group known as Sandworm, the same group behind the OlympicDestroyer destructive attacks at the Pyeongchang Olympics.
Sandworm hackers charged in the US
The UK government’s statement coincided with the announcement of formal charges against six Sandworm members by the US Department of Justice earlier today.
US officials charged Sandworm hackers for orchestrating not only the OlympicDestroyer attacks at the 2018 Pyeongchang Olympics but also a series of many other attacks, such as:
- attempts to sabotage Ukraine’s power grid in 2015 and 2016 with the BlackEnergy and Industroyer malware
- attempts to sabotage Ukrainian government networks with the KillDisk disk-wiping malware
- creating the NotPetya ransomware that caused a global outbreak in June 2017
- interfering in the French 2017 elections
- arranging cyber-attacks against the organizations investigating the Novichok poisonings in the UK
- mass-defacing thousands of Georgian sites in 2019
US officials blamed these attacks on Sandworm, a hacker group it said was composed of members of Unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency part of the Russian Army.
In its press release today, the UK government issued formal confirmation of the accusations put forward in the US indictments but also exposed and raised a sign of alarm about Sandworm’s impending attacks on Tokyo 2020 Olympics organizers.