The Russian intelligence hacking group ‘Fancy Bear’, who recently set up a sophisticated email “phishing” scheme designed to get access to US Senate emails and targeted US defence contractors, was reportedly behind the disruption of the Olympics opening ceremony on February 9.
The ‘Fancy Bear’ hackers – who are known to have ties to Russia’s foreign military intelligence agency the GRU – shut down the Pyeongchang 2018 website and prevented spectators from printing out reservations and attending the ceremony, which resulted in an unusually high number of empty seats.
The same attack infrastructure and tactics appear to have been used in campaigns targeting Turkish and Montenegro parliaments, the World Anti-Doping Agency, nuclear power generator Westinghouse Electric Company as well as the earlier breach of the Democratic National Committee and Clinton campaign chairman John Podesta.
The more recent attacks appear to be tied, in part, to last month’s decision by the International Olympic Committee to immediately suspend the Russian Olympic Committee. The IOC also banned some Russian athletes for life and said it would invite individual Russian athletes to the Winter Olympics, provided they meet specific conditions determined by a panel.
Fancy Bear targeted US defence contractors last year by taking advantage of poorly protected email and scant direct notification of victims and attacked the closed communications network of the US Senate through a series of fake websites that were designed to mirror the Senate’s internal email system.
Employees at defence giants like Lockheed Martin Corp., Raytheon Co., Boeing Co., Airbus Group, and General Atomics were also targeted. Most of the people on Fancy Bear’s target list worked on classified projects. As many as 40% of those who were exposed to Fancy’s Bear’s probes clicked on phishing links that lead to direct access to their private data.
Among their interests, the Russians seemed to eye the X-37B, an American unmanned launch vehicle that bears a close resemblance to a miniature space shuttle.
Fancy Bear first gained notoriety as one of two Russian hacking groups behind an attack on the Democratic National Committee ahead of the 2016 US presidential election.