We know there was a cyberattack on the 2018 Winter Olympics' opening ceremony, but the identity of those responsible wasn’t certain. While the finger of suspicion seemed to point at North Korea, it seems that once again the culprit was Russia.

According to a report in the Washington Post, which cited officials from the US Intelligence community, Russia’s Main Intelligence Directorate (GRU) compromised 300 Olympic-related computers in early February. This came after a phishing campaign targeting Olympic officials in December, and the hacking of South Korean routers in January.

On the day of the opening ceremony, February 9, new malware was launched that disrupted internet and broadcast systems and took down the ticketing site for 12 hours, preventing people from printing their tickets. Ultimately, however, the disruption was minimal.

The Russians reportedly used North Korean IP addresses to make it look as if the attacks originated from the hermit country, but many still suspected Russia to be behind a false-flag operation. That theory now appears to have been confirmed.

Analysts say the reason behind Russia’s actions was the Olympic ban put in place over state-sponsored doping accusations. Some of its athletes were permitted to compete under the designation “Olympic Athletes from Russia,” but weren’t allowed to display the country’s flag on their uniforms, and no national anthem was played if they won medals.

The GRU is thought to have been responsible for a 2016 breach of Olympian medical records; an act that was also motivated by the ban.

At the time of the opening ceremony, Russia’s foreign ministry denied the country had anything to do with the attacks. "We know that Western media are planning pseudo-investigations on the theme of ‘Russian fingerprints’ in hacking attacks on information resources related to the hosting of the Winter Olympic Games in the Republic of Korea," it said.