Russia Behind Every Cyber Attack Ever - Now it's the Olympics

Thank you, Washington Post, for pushing the leaks of "anonymous officials" that "Russian military spies" hacked the Winter Olympics.

Russian military spies hacked several hundred computers used by authorities at the 2018 Winter Olympic Games in South Korea, according to U.S. intelligence.

They did so while trying to make it appear as though the intrusion was conducted by North Korea, what is known as a “false-flag” operation, said two U.S. officials who spoke on the condition of anonymity to discuss a sensitive matter. [...]

The GRU hackers are thought to work for the agency’s Main Center for Special Technology, or GTsST, according to intelligence agencies. That unit has been highly active in information warfare against the West and was behind the NotPetya cyberattack that crippled computers in Ukraine last year.

They are so awful these Russian spies. They will stop at nothing. And, once again "Fancy Bear" is the culprit.

The GRU accessed South Korean routers in January and sent out new malware on the day the Olympics started, which might have allowed them to collect intelligence or attack networks. Soon after the Games began this month, a Russian cyber spying group linked to the GRU, “Fancy Bear,” released a set of stolen emails purportedly belonging to international sports officials. The same hackers did something similar in the 2016 Summer Games in Rio de Janeiro, when they released the drug testing files for multiple athletes, including tennis player Serena Williams and gymnast Simone Biles.

Yeah, those damn Fancy Bear Russkies. Fancy Bear (a/k/a APT 28) is assumed to be an organized group of hackers within the Russian military intelligence agency GRU, because ... reasons.

The malware in question, a network tunneling tool known as X-Tunnel, was itself a repurposed open-source tool that made no effort to encrypt its source code, meaning anyone who gained access to this malware would be able to tell exactly what it was intended to do.

CrowdStrike claimed that the presence of the X-Agent malware was a clear “signature” of a hacking group—APT 28, or Fancy Bear—previously identified by German intelligence as being affiliated with the GRU, Russian military intelligence. Additional information about the command and control servers used by Fancy Bear, which CrowdStrike claims were previously involved in Russian-related hacking activity, was also reported.

The CrowdStrike data is unconvincing. First and foremost, the German intelligence report it cites does not make an ironclad claim that APT 28 is, in fact, the GRU. In fact, the Germans only “assumed” that GRU conducts cyberattacks. They made no claims that they knew for certain that any Russians, let alone the GRU, were responsible for the 2015 cyberattack on the German Parliament, which CrowdStrike cites as proof of GRU involvement. Second, the malware in question is available on the open market, making it virtually impossible to make any attribution at all simply by looking at similarities in “tools and techniques.” Virtually anyone could have acquired these tools and used them in a manner similar to how they were employed against both the German Parliament and the DNC.

The presence of open-source tools is, in itself, a clear indicator that Russian intelligence was not involved. Documents released by Edward Snowden show that the NSA monitored the hacking of a prominent Russian journalist, Anna Politkovskaya, by Russian intelligence, “deploying malicious software which is not available in the public domain.” The notion that the Russians would use special tools to hack a journalist’s email account and open-source tools to hack either the DNC or the German Parliament is laughable.

But hey, it's always the Russians who are behind these cyber attacks, at least according to the CIA and NSA, even when it later comes out that they were not, as, for example, when the NSA confirmed Russians hacked the French elections (again APT 28 or Fancy Bear was blamed). Too bad the French intelligence chief threw cold water on that claim.

And what about the CIA's claim the GRU was behind the NotPetya cyber attack in Ukraine?

The CIA has attributed to Russian military hackers a cyberattack that crippled computers in Ukraine last year, an effort to disrupt that country’s financial system amid its ongoing war with separatists loyal to the Kremlin.

The June 2017 attack, delivered through a mock ransomware virus dubbed NotPetya, wiped data from the computers of banks, energy firms, senior government officials and an airport.

The GRU military spy agency created NotPetya, the CIA concluded with “high confidence” in November, according to classified reports cited by U.S. intelligence officials.

Again, when the claim is examined closely, skeptics have cast doubt that the NotPetya cyber attack was a Russian military intelligence operation. Indeed, the NSA hacking tools "Eternal Romance" and "Eternal Blue" were used in two separate cyber attacks: NotPetya and Bad Rabbit, a cyberattack that took down sites in Russia (including the Interfax News Agency) and Ukraine in October 2017. Both cyber incidents were attributed to the same group of hackers.

We have only the word of anonymous US officials and their affiliates (such as the notorious Five Eyes intelligence cooperative) that Russia is behind this plethora of cyber attacks. Cyber attacks by "Fancy Bear" employ "sets of capabilities, attack tools and network infrastructure that are widely assumed to automatically mean GRU and/or FSB, i.e., Russia." The fact that no one has ever traced any of these tools back to the GRU or any other Russian government agency is beside the point. Our intelligence community simply assumes Russian spies are responsible based on pure speculation.

The ‘certainty’ is based upon conjecture upon conjecture, e.g., ‘who else could it be’? One historical excuse given is some of the type files accessed, as if only Russia could have an interest. Such reasoning is shallow at best. There are actually some very serious, highly financed, well organized other state and non-state players with substantial motives. The lack of even considering such is suspicious, and evidence of a lack of real investigation.

ESET (A cyber security firm with offices world-wide): “As security researchers, what we call “the Sednit group” [Another acronym for Fancy Bear, APT28, etc.,] is merely a set of software and the related network infrastructure, which we can hardly correlate with any specific organization.”

Well, US media also relies on the good folks at CrowdStrike, hired by the DNC and literally the only source of the claim Russia hacked the DNC computer servers (since the DNC refused to give the FBI access to their servers). Unfortunately for CrowdStrike, it has made claims involving "Fancy Bear" cyberattacks on Ukraine's military that were later found to lack any credibility whatsoever. Another funny thing about CrowdStrike is that it is riddled with conflicts of interest (beyond being hired by the DNC), as most of its executives and senior management have a well-known anti-Russian bias. And yet everything they say is taken as the gospel truth by our corporate media. How convenient.

We also know that the CIA has the cyber-tools to mask the origin of attacks and point the finger at whomever they choose, as Nation investigative reporter Patrick Lawrence reminded everyone:

“The list of the CIA’s cyber-tools WikiLeaks began to release in March and labeled Vault 7 includes one called Marble Framework that is capable of obfuscating the origin of documents in false-flag operations and leaving markings that point to whatever the CIA wants to point to.”

So, once again, our corporate media is blasting out more reports blaming Russia for another cyber-attack without any evidence other than the words of anonymous US intelligence officials, when literally it could have been anyone, including our own government intelligence agencies. Whoopie-eye-kay-yo, Mfers!


Comments

Lookout's picture

I enjoyed this interview which Joe posted last week with Bill Binney and Jimmy Dore. It will inspire you with mistrust!
https://www.youtube.com/watch?v=bGYSuULFzt0 (35 min)

I have normally reasonable, rational friends so sold on the Russia narrative there is no use discussing it with them. Like Jimmy says, Trump has excited their lizard brain and they will not be rational. I also have a few friends that are trumpeteers...they are not rational either. Insanity reigns supreme.

Thanks for the essay.


“Until justice rolls down like water and righteousness like a mighty stream.”

Did they change the judges' votes? Make some of the judges ineligible to vote? While the US tweets its stupidity around the globe and destroys itself from within, Russia & China are moving forward. Soon all our allies will be gone like rats deserting a sinking ship.


"Religion is what keeps the poor from murdering the rich."--Napoleon

edg's picture

Russians DO hack. Not necessarily the government in this case, but independent hackers and cybercriminals that break into poorly protected systems for financial gain (and yes, the South Korean routers WERE poorly protected if hackers could load and launch easily detectable X-Tunnel malware).

Think about it. Why would cybercriminals hack Olympic systems? How about athletes' personal information for use in identity theft? How about sponsor information that could lead back to bank accounts or accounting systems? How about ticket purchasers' credit card numbers?


@edg
All Russian hackers work for the Kremlin.
Just like all American hackers work for the Pentagon, all white men are privileged, and everyone who supported Bernie is a misogynist.

You are obviously a Putin Puppet. How much does he pay you?

Steven D's picture

@gjohnsit That way he doesn't have to pay me anything.


"You can't just leave those who created the problem in charge of the solution."---Tyree Scott

CB's picture

@gjohnsit
ALL hackers around the world work for Putin. In order to get their payments, they need to put a Russian signature on their hacks. Putin is very proud of what he has accomplished. He is able to control the US as if it was some third rate banana republic.

I just heard his hackers have taken control of the American pollsters. Trump's numbers are going to go through the roof, just in time for the 2018 midterms. By the time Putin is finished with America, Trump will poll above 80% for his third term.


@gjohnsit over at WotB. Bout time

TheOtherMaven's picture

@edg

without going through the "official" sources. Certain countries, including the US, have a stranglehold on who is supposed to be able to see what and under what conditions - but there are known ways to get around the restrictions, most of them of dubious legality (some downright illegal).

Ya think some people weren't "hacking" the feeds? (I thought about it, but didn't. How about you?)


There is no justice. There can be no peace.

Azazello's picture

@TheOtherMaven
I had to go to RT to find out who won the men's ice hockey.


We wanted decent healthcare, a living wage and free college.
The Democrats gave us Biden and war instead.

@edg for total techno morons such as moi is that knowledgeable and experienced computer nerds here can comment on the oceans of crap washing up on the internet. Please keep it up

CB's picture

Is this display of gross ignorance something unique to WaPo readers? Or is it a result of the complete failure of the American education system?

snoopydawg's picture

"The GRU hackers are thought to work for ... "

"The GRU accessed South Korean routers in January and sent out new malware on the day the Olympics started, which might have allowed them to ... "

CrowdStrike? Stop reading this propaganda crap part 9,642. We get it. The PTB are making up crap to blame Russia for so that they can get their war on. Sheesh, how many people are going to fall for this. Again?

Thanks Obama for making propaganda spread by everyone legal! Another legacy.


Which AIPAC/MIC/pharma/bank bought politician are you going to vote for? Don’t be surprised when nothing changes.

Voting is like driving with a toy steering wheel.

k9disc's picture

This shit really reminds me of Team B.

"The fact that we can't hear Russian subs down there means there's Russian subs down there! They've got Stealth Subs! More defense spending!"


“Tactics without strategy is the noise before defeat.” ~ Sun Tzu

Well, since Russia appears to have the only government of any country capable of running circles around the whole lot of others, according to some, perhaps all of the incompetents running US 'Intelligence' and the US government/heading political parties saying so had better be fired instantly, so that the American people can hold their own elections based purely on binding platforms competing to best serve the interests of the American people and country to start all over again, beginning by melting down all military over that required to actually defend their country from Canada and Mexico; surely cutting back to merely having the largest military in the world and keeping them stationed at home would do?


Psychopathy is not a political position, whether labeled 'conservatism', 'centrism' or 'left'.

A tin labeled 'coffee' may be a can of worms or pathology identified by a lack of empathy/willingness to harm others to achieve personal desires.