Security experts believe malware attacks on the Olympics may have come from Russia

[William Gayde]

After the high-profile malware attack on the 2018 Winter Olympics opening ceremony, security researchers are beginning to dig through the digital rubble in the hopes of finding the culprit.

Initial theories pointed the finger at Russia or North Korea but experts have been hesitant to make any conclusions. As the Olympics continue to unfold, a trickle of forensic evidence leading back to Russia and North Korea is starting to be uncovered.

Malware writers don't exactly leave a calling card in their code so determining who caused an attack is often difficult. What we do know so far is that the attack, dubbed "Olympic Destroyer," lasted under an hour on Friday and targeted users with an @pyeongchang2018.com email address. This caused the Pyeongchang 2018 website to go down and briefly interrupted some video streams.

The malware works by turning off the infected machine's services, destroying the boot information and generally rendering the machine unusable. One surprising characteristic is that it does show some restraint and does not appear to cause maximum damage. Rather than deleting all of the system's files, it only targets the boot information. A trained technician can restore the data relatively quickly.

Olympic Destroyer's spreading and targeting techniques resemble that of NotPetya and BadRabbit, pieces of malware the CIA and others in the security community have attributed back to Russia.

Given that Russia was banned from competing at the Olympics due to the doping scandal, they are naturally the prime suspect. For their part, they have stated that "We know that Western media are planning pseudo-investigations on the theme of ‘Russian fingerprints’ in hacking attacks on information resources related to the hosting of the Winter Olympic Games in the Republic of Korea."

We will likely never know who was behind the attacks but with the whole world watching Pyeongchang, it certainly makes for a prime target from someone wishing to send a message.

Permalink to story.

https://www.techspot.com/news/73270-security-experts-believe-malware-attacks-olympics-may-have.html

 

[QuantumPhysics]

Next thing you know they'll be hacking supercomputers to mine Bitcoin.

 

[Fluffmeister]

Stay classy Russia

 

[GeforcerFX]

Pretty sure 90% of the world was sure who done it after the news broke. Looking at the statement from the Kremlin a few hours after the news was reported kinda through up all the red flags.

 

[Sherwoodnt]

Those Russians sure do love the hackings!

 

[p51d007]

I'm guessing "Russian hacking" is now the boggie man behind every door?

 

[senketsu]

I suspect a lot of these are tests. Proof of concept so to speak to advance what they are really working on or planning, which only they know. Sadly if the Russians are doing it, you can be sure the NSA/CIA or other nations equivalents are doing the same thing.

 

[Evernessince]

If we weren't in the era of digital warfare, we definitely are now. It seems like Russia is winning simply because no one else is fighting them. Maybe we can have the NSA actually do something useful or take that extra military budget and establish what should be a whole new branch of the military, the Cyber warfare division. This is important now and will only become more important as time goes on.

 

[SirChocula]

I'm guessing "Russian hacking" is now the boggie man behind every door?

You guessed it! After Mattis suddenly declaring terrorism is no longer the "biggest threat" to national security...we sure showed them boys! 16+years in the middle east, destroying every country and now we've "won"! Suddenly, China and Russia instantly became the new boogie man!

 

[JaredTheDragon]

The guy used an email pointing to North Korea. "@pyeongchang2018.com"? Come on, people. It's an obvious fake. The event, the hack, and the person.

This is Langley playbook page 2 stuff, folks. It's the type of stuff one believes and then goes out and buys a thousand dollar phone from the same people. Get wise.

 

[frostyshield]

Let me take a wild guess and say the NSA used their tools that we all know about by now to make attacks look like they came from a different country just to try make others sanction russia even more.

We NEVER know who attacked who anymore thanks to the NSA but yet people still hop on the russian bandwagon because its super cool.

 

[Nobina]

Don't take this as a fact. It clearly says they "believe" not they are sure and have proof and they are probably full of **** cause that seems to be the case for a huge majority of these accusations.

 

[commanderasus]