False flag? Russia ‘blamed Olympics ceremony hack on North Korea’

US officials claim Russian spies used North Korean IP addresses to cover their tracks

Russian military spies downed systems during this year’s Winter Olympics while masquerading as North Korean hackers, officials have claimed.

The cyber-attack, which took place during the opening ceremony in PyeongChang, crippled on-site WiFi and internet access and forced the website offline.

The Windows Defender Security Intelligence team subsequently revealed hackers had used the Eternal Romance exploit.

Now, two US officials have told the Washington Post that Russia was behind the attack – and that they tried to pin the blame on North Korea.

The two unnamed officials said that Russian spies used North Korean IP addresses to cover their tracks.

They added that up to 300 Olympics-related computers were affected in the security breach.

The Post report read: “They did so while trying to make it appear as though the intrusion was conducted by North Korea, what is known as a ‘false-flag’ operation, said two US officials who spoke on the condition of anonymity to discuss a sensitive matter.”

Although officials refused to confirm the source of the hack, Matthieu Suiche, founder of cybersecurity firm Comae Technologies, said the use of Eternal Romance demonstrates that last year’s leaked National Security Agency (NSA) exploits are “still being repackaged by malicious actors”.

Eternal Romance bypasses security over Microsoft’s SMB file-sharing connections, enabling remote execution of instructions on Windows clients and servers.

The exploit, along with Eternal Blue and Eternal Champion, was purportedly developed by the NSA’s secretive Tailored Access Operations (TAO) unit before being leaked by the Shadow Brokers hacking group last year.

Doping scandal

If Russia did use Eternal Romance to attack the South Korean Games, it was most likely in retaliation for the county being banned from competing.

The Russian national team was blocked after a widespread doping scandal.

Some 169 athletes were still allowed to compete under the team OAR – Olympic Athletes from Russia – but weren’t allowed to wear Russia’s color or wave the flag.

Any medals won will not count towards the country’s total, and the national anthem was not allowed to be played.

Russia has denied any involvement.