Hacking at the Olympics made headlines across the country, but for weeks the culprit was a mystery. During the opening ceremony websites for the PyeongChang games were unable to carry out any but their most basic functions — some tickets weren't even able to be printed. Despite the initial lack of details around the hacking, The Washington Post reported Saturday night that Russia hacked the Olympic Games and tried to blame it on North Korea by using IP addresses from the country.
The article was based on intelligence reports and interviews with two American officials who told the paper anonymously that the hack was a “false-flag” operation — as such IP address switches are called — and had intentionally been done to look like North Korea was to blame.
According to The Post, an intelligence report suggested that Russians had accessed 300 computers connected to the games even before they started. Then they attacked routers as the games began and started to release malware on the day of the opening ceremony. This expensive technique only pays off at high value targets like the Olympics, and hackers could use it to completely disrupt the networks in question.
The Organizing Committee for the Olympic Games acknowledged the hack at the start of the games, and its spokesperson even claimed to be aware of where the attack came from. It is not clear if they then knew Russia was to blame at the time, or if that came out after an ongoing investigation.
"We know the cause of the problem but that kind of issues occurs frequently during the Games. We decided with the IOC, we are not going to reveal the source," PyeongChang organizing committee spokesman Sung Baik-you told reporters after the opening ceremony. "We wouldn’t start giving you the details of an investigation before it is coming to an end, particularly if it was on security which, at these games, is incredibly important."
The International Olympic Committee was more circumspect and its spokesperson insisted he wouldn't release the suspected perpetrator.
Russia had tried to distance itself from the potential allegations before the games began. "We know that Western media are planning pseudo-investigations on the theme of ‘Russian fingerprints’ in hacking attacks on information resources related to the hosting of the Winter Olympic Games in the Republic of Korea,” Russia’s foreign ministry said a few days before the opening ceremony. “Of course, no evidence will be presented to the world.”
The evidence that was presented in The Post article suggested that the Russian military agency GRU, which stands for Main Intelligence Directorate in its Russian initials, had put a main hacker unit on the job. The unit, the Main Center for Special Technology, has been found responsible by Western analysts for other big jobs like cyber attacks on Ukraine.
One Olympics-related hack was when the group released testing information on athletes like the Williams sisters and gymnastics star Simone Biles. That hack, in September 2016, used the World Anti-Doping Agency’s database to share personal medical information stored about the U.S. athletes.
At the time, the hack undermined Russia's efforts to move past its own doping scandal following the 2014 Sochi Games. Now, at the 2018 PyeongChang games, Russia's doping has been in the spotlight again. The country's athletes have not been able to compete under their own flag. Instead they have had to attend the Winter Games under the Olympic flag as "OAR" athletes, or Olympic Athletes from Russia.
There had been some hope among Russian Olympic officials that the team would be able to march under its own flag at the closing ceremony, but those hopes were ultimately dashed. The winning OAR men's hockey team sang the Russian national anthem upon winning the gold medal — even though the International Olympic Committee had banned it.
Russia's hack will likely not ingratiate itself with Olympic officials for future games. But if no more athletes are found to dope, its national team is set to be reinstated after the games — long before 2020.