Blog

Sochi 2014: Understanding Physical and Cyber Threats

Posted: 2nd February 2014
By: S3
Sochi 2014: Understanding Physical and Cyber Threats

Former CIA Deputy Director Michael Morell recently called the 2014 Sochi Winter Games “the most dangerous Olympics” of his adult life. Recorded Future analysis highlights the following cyber and physical threat actors and provides “sources to watch” to aid risk assessment.

Monitoring the following sources – familiar to many threat intelligence analysts – can provide continued situational awareness if you or your organization is somehow involved with Sochi 2014.

@AnonsCaucasus / **@Anony_Caucasus **– Official Twitter handles of Anonymous Caucasus aka the “Electronic Army of the Caucasus Emirate.” Using #OpPayBackForSotchi2014 (note spelling) and #OpSochi.

kavkazcenter.com / @KavkazCenter – Official news portal of the Caucasus Emirate (see below).  Banned in Russia, the site has claimed direct contact with Caucasus Emirate officials.

Background: Hacking collective Anonymous Caucasus has claimed attacks on the Bank of Russia and anti-terrorism site Kavkazpress.ru. In late Dec/2013, they threatened to attack both Russian government and sponsor websites tied to the Games. Analysis has tied their previous domain “anonymou.so” to a registration including the name “Vilayat Dagestan.”

Vilayat Dagestan (literally: Province of Dagestan, Russian: Вилайят Дагестан, formerly known as Shariat Jamaat), is a member of the so-called Caucasus Emirate (a.k.a. “IK” or Imirat Kavkaz) an umbrella group for Chechan rebels seeking to establish an independent Islamic state in the North Caucasus. In a January 2014 video, two apparent Vilayat Dagestan suicide bombers claimed responsibility for the December Volgograd bombings which took 34 lives.

Doku Umarov (a.k.a. Dokka Abu Usman), a rumored dead Chechen warlord and leader of the Emirate, has urged followers to strike the Sochi Games, which he denounced as “satanic dances on the bones of our ancestors.”

As background, some activist groups argue that Russia’s actions during the Caucasian War (1817-64) should be recognized as genocide. Krasnaya Polyana, about 30 miles from Sochi, was the site of the war’s final bloody battle. On February 6, snowboarding events begin at Krasnaya Polyana.

The US State Department in May 2011 designated the Caucasus Emirate as a Specially Designated Terrorist group under Executive Order 13224 and authorized a $5 million reward for information leading to Umarov’s arrest.

Continuing Analysis: Our baseline analysis of Sochi 2014 open source threat information yielded nearly 22,000 references across seven languages.

With wide ranging estimates of 40,000 – 100,000 personnel, Russia’s military might will provide a significant check on physical threats from the Caucasus Emirate and/or smaller groups. As the Games approach, Analysis Intelligence will provide further information on the Russian response to both the physical and cyber threat.

Interesting in using these threat intelligence analysis? Check out Recorded Future Cyber

Related