Russian hackers targeted this year’s Olympic Games with the aim of disrupting them, UK officials say.
The Foreign Office said the GRU, Russian military intelligence, had carried out “cyber reconnaissance” against officials and organisations involved in the Tokyo Games.
That included organisers, sponsors, and logistics providers.
Officials did not, however, specify the nature or extent of the cyber-attacks in detail.
The attacks took place before the Tokyo Olympics was postponed until 2021 because of the coronavirus pandemic.
UK Foreign Secretary Dominic Raab said the attacks were “cynical and reckless”.
“We condemn them in the strongest possible terms,” he said. “The UK will continue to work with our allies to call out and counter future malicious cyber-attacks.”
Foreign Office officials also revealed details of the attack on the 2018 Winter Olympics in Korea, which it said was also carried out by the GRU.
On that occasion, the operation was a “false flag” – one designed to look like it came from North Korea or China, they said.
At the same time as the UK announcement, the United States Department of Justice revealed charges against six Russian hackers for a range of high-profile activities, including the 2018 Olympics attack.
The UK and US have been trying to increase the pressure on Russian hackers for a number of years by publicly exposing their activity, and they will be hoping that news of Moscow targeting an event like the Olympics will draw wider support from other countries.
It is thought that this attempt at disruption, like the 2018 attack on the Winter Olympics, was in response to Russia being excluded from sporting events for doping violations. Two years ago, some attendees were unable to print tickets for the opening ceremony, leaving empty seats, and this is the first time the UK government has formally attributed that attack to Russia.
Western intelligence officials believe there is some disruption caused by the exposure of Moscow’s practices and specific techniques, forcing the hackers to adapt.
But there is not much sign that the public campaign is forcing a rethink over their willingness to engage in such activity.
The 2018 Winter Olympics operation took aim at the opening ceremony, targeting broadcasters, officials, sponsors, and even a ski resort.
The National Cyber Security Centre, which helped to analyse the information, said the 2018 attack was “intended to sabotage the running of the Winter Olympic and Paralympic Games” by disabling its networks.
One method was to deploy malware that deleted data from the computer systems used that year.
It was prevented by IT officials cutting off affected computers and replacing them entirely to prevent the malware from spreading, it said.
UK officials have attributed several cyber-attacks against major organisations to the GRU, operating under various names – such as Sandworm, VoodooBear, Iron Viking and others.
The Foreign Office itself was subjected to one such attack in 2018, when GRU-affiliated hackers attempted to access its computer systems using a spearphishing attack.