2018 Winter Olympics a Prime Target for Hackers – IEEE – The Institute

http://theinstitute.ieee.org/ieee-roundup/blogs/blog/2018-winter-olympics-a-prime-target-for-hackers

Malware has already made its way into the 2018 Winter Olympics, but hopefully the organization is capable of keeping everything working well without serious problems.

This article claims that hackers are deploying malware capable of disrupting this year’s Winter Olympic Games, in Pyeongchang, South Korea. The malware is claimed to have the potential to disable critical infrastructure and compromise sensitive information.

People continue to be the weakest link in preventing these types of attacks, so

Phishing attacks are being executed to disrupt the games.

5 Comments

  1. Tomi Engdahl says:

    South Korea Probes Cyber Shutdown During Olympics Ceremony
    https://www.securityweek.com/south-korea-probes-cyber-shutdown-during-olympics-ceremony

    South Korea on Saturday investigated a mysterious internet shutdown during the Winter Olympics opening ceremony, which follows warnings of possible cyberattacks during the Pyeongchang Games.

    Internal internet and wifi systems crashed at about 7:15 pm (1015 GMT) on Friday and were still not back to normal at midday on Saturday, Games organizers said.

    Cyber-security teams and experts from South Korea’s defence ministry, plus four other ministries, formed part of a taskforce investigating the shutdown, they said, adding that it didn’t affect the high-tech opening ceremony.

    The outage follows warnings of malware phishing attacks targeting organizations working at the Olympics, and allegations of cyberattacks from Russia — which has denied any involvement.

    North Korea has also blamed for a series of cyber incidents including the WannaCry global ransomware attack, which infected 300,000 computers worldwide last May.

    Reply
  2. Tomi Engdahl says:

    Nicole Perlroth / New York Times:
    Researchers: cyberattack caused disruption to Pyeongchang2018.com and local internet, which grounded drones and more during Winter Olympics’ opening ceremony — A cyberattack caused the internet disruptions during the Winter Olympics’ opening ceremony on Friday night, Olympic officials and security experts said.

    Cyberattack Caused Olympic Opening Ceremony Disruption
    https://www.nytimes.com/2018/02/12/technology/winter-olympic-games-hack.html

    A cyberattack caused the internet disruptions during the Winter Olympics’ opening ceremony on Friday night, Olympic officials and security experts said.

    Jihye Lee, a spokesman for the Pyeongchang Organizing Committee, confirmed Sunday that “the technology issues experienced Friday night were caused by a cyberattack.”

    Mr. Lee did not elaborate on the cause but said that the attack had been quickly addressed and that systems had been stabilized by Sunday.

    The cyberattack took out internet access and telecasts, grounded broadcasters’ drones, shut down the Pyeongchang 2018 website, and prevented spectators from printing out reservations and attending the ceremony, which resulted in an unusually high number of empty seats.

    Security experts said they had uncovered evidence that the attack had been in the works since late last year. It was directed at the Pyeongchang Organizing Committee and incorporated code that was specifically designed to disrupt the Games or perhaps even send a political message.

    “This attacker had no intention of leaving the machine usable,” a team of researchers at Cisco’s Talos threat intelligence division wrote in an analysis Monday. “The purpose of this malware is to perform destruction of the host” and “leave the computer system offline.”

    Reply
  3. Tomi Engdahl says:

    Intel’s drone light show never got off the ground for the 2018 Winter Olympics opening ceremony
    They aired pre-recorded footage anyway.
    https://www.recode.net/2018/2/10/16998652/drones-guinness-world-record-pyeongchang-2018-winter-olympics

    Last-minute “impromptu logistical changes” kept Intel from performing its drone light show live during the opening ceremonies for the 2018 Winter Olympics in PyeongChang, South Korea. But that didn’t stop NBC from airing footage of it for those watching the tape-delayed version, nor did it stop Intel from celebrating the feat on Twitter.

    U.S. viewers tuned in to a tape-delayed broadcast on Friday night that showed pre-recorded footage from December, when Intel’s light show broke the Guinness World Record for flying the most drones, 1,218, simultaneously.

    The live show was intended to be a pared-down version of the feat, with 300 drones flying at the end of the opening ceremony, but that too was scrapped.

    “During the Ceremony, POCOG made the decision to not go ahead with the show because there were too many spectators standing in the area where the live drone show was supposed to take place,” according to a statement from the Olympic organizing committee.

    Reply
  4. Tomi Engdahl says:

    Researchers Warn Against Knee-Jerk Attribution of ‘Olympic Destroyer’ Attack
    https://www.securityweek.com/researchers-warn-against-knee-jerk-attribution-olympic-destroyer-attack

    Attribution has become a buzzword in malware analysis. It is very difficult to achieve — but is necessary in a world that is effectively engaged in the early stages of a geopolitical cyberwar. Malware researchers tend to stop short of saying, ‘this country or that actor is behind this attack’. Nevertheless, they are not shy in dropping hints, leaving the reader to make subjective conclusions.

    They have done just that with the recent cyber-attacks against the PyeongChang Winter Olympic Games.

    The New York Times comments, “Security companies would not say definitively who was behind the attack, but some digital crumbs led to a familiar culprit: Fancy Bear, the Russian hacking group with ties to Russian intelligence services.”

    Microsoft tweeted, “Fresh analysis of the #cyberattack against systems used in the Pyeongchang #WinterOlympics reveals #EternalRomance SMB exploit.”

    EternalRomance — one of the leaked NSA exploits — along with SMB was employed in the Bad Rabbit ransomware which has been likened to NotPetya which the UK government today ascribed to the Russian intelligence services.

    Reply

Leave a Reply to Tomi Engdahl Cancel reply

Your email address will not be published. Required fields are marked *

*

*