Russia accused of “false flag” attack on Olympic opening

 In Biz & IT, fancy bear, GRU, International Olympic Committee, NSA, Policy, PyeongChang, router malware, WADA, winter olympics

Russia accused of “false flag” attack on Olympic opening

Serving the Technologist for more than a decade. IT news, reviews, and analysis.

Enlarge / Russia couldn’t compete under its own flag at PyeongChang, and US officials suggest, they used a “false flag” malware attack to disrupt them. (credit: Getty Images)

The cyber attack that disrupted some networks and servers at the opening of the Winter Olympics in PyeongChang left a number of conflicting forensic clues about its source. The attack used a blend of techniques, tools, and practices that blended the fingerprints of threat groups connected to North Korea, China, and Russia.

But according to a report by Ellen Nakashima of the Washington Post, US intelligence officials have determined with some confidence that the attack was in fact a “false flag” operation staged by individuals working on behalf of a Russian intelligence agency—an attack that went as far as to route traffic through IP addresses associated with North Korea to mask the attack’s origin.

In the wake of the February 9 attack, which affected Web servers and network routers connected to the Winter Games organizing committee—including the press center’s network, public Wi-Fi networks, and Web servers associated with ticket sales for the Games’ events—several security firms rapidly assessed malware connected to the attack. Initial evaluation of the malware showed some commonalities in techniques with NotPetya, the “wiper” malware attributed to Russia by UK and US intelligence. Cisco’s Talos Labs later revised its report, originally published on February 12, after discovering that the malware samples actually used credential-stealing tools to obtain logins and passwords and then wrote those credentials into the code used to spread the infection across the network.

Read 5 remaining paragraphs | Comments

Routing hacks, bits of code used to throw off attribution trail.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt