Russian, Chinese? It’s all a dark scam!

Russian security services allegedly target Winter and Paralympic games

Russians and Eastern Europeans more generally are the primary conveyors of viruses and Trojans that sit in computers of soft and unsuspecting Westerners, working in offices or playing at home. The cold war with the East is waged in virtual space while the war of opportunity between clever cyber-warriors in Siberia or elsewhere in the north and financial security and risk officers in padded City, Wall Street or Tokyo high-rises proceeds.

Russians disguise themselves as Chinese or Koreans to provoke the fears of Western security services. Not so  long ago, their instinct was to go for Russians, but China is now the butt of our fears.

At issue in the cyber wars is both control of information and control of the agenda as Intelligence services battle it out in cyberspace, alongside fraudsters.

The UK Government publicly announced they had spotted security services from Russia seeking to sabotage the Winter and Paralympic Games. It was a very public, and detailed, exposure of a mischief that makes very little sense. It begs the question: Why did the UK government publish such a document?

The UK announcement reads: “The GRU’s [Russian security service] cyber unit attempted to disguise itself as North Korean and Chinese hackers when it targeted the opening ceremony of the 2018 Winter Games.

“It went on to target broadcasters, a ski resort, Olympic officials and sponsors of the games in 2018.

“The GRU deployed data-deletion malware against the Winter Games IT systems and targeted devices across the Republic of Korea using VPNFilter.

Security Assessment

“The National Cyber Security Centre (NCSC) assesses that the incident was intended to sabotage the running of the Winter Olympic and Paralympic Games, as the malware was designed to wipe data from and disable computers and networks.

“Administrators worked to isolate the malware and replace the affected computers, preventing potential disruption.”


These cyber attacks were committed by the GRU’s Main Centre for Special Technologies, GTsST also known by its field post number 74455 and known in open source as:

  • Sandworm
  • BlackEnergy Group
  • Telebots
  • VoodooBear
  • Iron Viking
  • Quedagh
  • Electrum
  • Industroyer
  • G0034

Back to Top