What is the cyber attack of Russian intelligence agencies pointed out by the US Justice Ministry and others?

What is the cyber attack of Russian intelligence agencies pointed out by the US Justice Ministry and others at 22:39 on October 20?

The U.S. Department of Justice has charged six Russian intelligence men with repeated cyberattacks on government agencies, businesses and organizations in each country.

The British government also claims that the intelligence agency was also attacking officials at the Tokyo Olympics and Paralympics, which was postponed next year.

The US Justice Ministry announced on the 19th that it has indicted six men from Russian intelligence agencies for conducting cyber attacks on governments, companies and organizations in countries such as the United States, the United Kingdom and Ukraine.

Damage in each country

From 2015 to last year, the six broke into the Ukrainian power company's system and brought down the power grid, attempted unauthorized access to information from political party officials in the French elections, and computer systems such as American medical institutions. It is said that it attacked Ukraine and caused damage of more than 100 billion yen in Japanese yen.

Furthermore, at the Pyeongchang Olympics held in South Korea, a large-scale cyber attack was carried out, and the data on the computer system of the Organizing Committee was erased to obstruct the operation of the tournament.

"Spear phishing email"

In addition, according to the complaints of six Russian intelligence men released by the US Justice Ministry on the 19th, during the Pyeongchang tournament held in South Korea, an attack by "spear phishing email" was aimed at the people concerned. However, it is said that it was widely practiced.

"Spear phishing email" is a word that means spear, and is an email that is more targeted and caught by a specific organization or person.

When you open an attached file with a virus, the person's terminal is infected, the infection spreads while stealing internal information, the attack spreads to a large target, and finally the system can be hijacked or destroyed. There is.

Attack at Pyeongchang Olympics

In addition, according to the complaint, the men called the IOC = International Olympic Committee executives a "list of representatives" with the virus against the organizing committee of the Pyeongchang Games and the partner companies of the Games. In addition to sending an email, he pointed out that he was sending an email with a virus to the athletes saying "Beware of changes in life at the hotel."

Furthermore, it is said that it sent an e-mail with a virus to the partner companies of the tournament under the name of "earthquake early warning".

Takashi Yoshikawa of Mitsui Bussan Secure Direction, who is familiar with cyber attacks, said, "Among the attacks by targeted emails, which are different from the scattered emails that send emails to everyone, the attacks of the indicted men are based on publicly available information. It's more sophisticated and malicious in that it targets and sends text that might be of interest to the target. It's not enough to just watch out for suspicious emails, always be aware of an attack. It is necessary. "

“Attack on the Tokyo Olympics and Paralympics”

Meanwhile, the British government, which cooperated with the investigation, announced on the 19th that the Russian intelligence agency GRU = General Information Bureau of the Russian Army Chief of Staff was conducting a cyber attack on the people involved in the Tokyo Olympics and Paralympics, which was postponed to next year. did.

It is not clear what the attack was or who it was targeted at, but it was targeted by Olympic organizations, logistics companies, sponsors, etc. before the Games were postponed. I'm trying.

The BBC has reported that it has attempted sabotage in response to Russia's punishment for doping issues.

Foreign Minister Raab has issued a statement stating that these sabotage operations are "reckless."

"Strengthen security measures"

In preparation for the Tokyo Olympics and Paralympics, which was postponed to next year, Mr. Yoshikawa said that there are more opportunities for people involved to remotely operate the system by teleworking due to the corona sickness, so there are more holes that will be the entrance to cyber attacks, and the risk is He points out that it should be considered expanding.

"It should be considered that the risk of cyber attacks is increasing due to the corona virus, and it seems that the attackers are preparing for the attack on the day of the tournament. Even if it is not directly related to the tournament, the virus is attacked by email. If you are infected with the virus, it may spread as a stepping stone, and you need to strengthen security measures. "