Malware Attacks Look to Disrupt Winter Olympics

Malware Attacks Look to Disrupt Winter Olympics

Cybersecurity firms are confirming that a computer malware attack dubbed "Olympic Destroyer" hit Wi-Fi systems at the Winter Games.

When it comes to securing the Winter Olympics in Pyeongchang, South Korea, organizers are cautious of every potential attack on the Games, including cyber attacks.

Cybersecurity experts are now confirming that a malware attack has hit select networks and Wi-Fi systems at the Winter Games on Friday, the day of the Opening Ceremony. Users with a @pyeongchang2018.com email address were targeted in the attack, which lasted more than an hour on Friday night.

The Pyeongchang Organizing Committee for the 2018 Olympic & Paralympic Games confirmed the cyber attack caused a malfunction of Internet protocol televisions at the Main Press Center, according to South Korea's Yonhap News. The committee was forced to "shut down the servers to prevent further damage, leading to the closure of the Pyeongchang 2018 website."

The malware was designed to wipe computer files but "intentionally holds back from inflicting maximum damage" allowing the hacker to deliberately pull its punches.

"Instead of deleting all the files on a computer, it only deleted those related to booting up, meaning an average tech could fix it with relative ease. Researchers have never seen that sort of restraint before from that kind of malware," according to Cisco's Talos division.

The cyber experts aren't ready to point the finger at where the attack might have originated, but the countries that seem to be surfacing as suspects are Russia and North Korea. According to Wired, however, the hacker "left behind some calling card that look rather Russian."

A separate hacking operation, dubbed "Operation GoldDragon" has attempted to infect target computers belonging to South Korean Olympics-related organizations with three separate malicious tools. The spyware "would enable hackers to deeply scour the compromised computers' contents."

McAfee identifies the three malicious tools as GoldDragon, BravePrince and GHOST419.

McAfee traced the phishing scheme that provided entry for the spyware "to a remote server in the Czech Republic, registered with fake credentials to a South Korean government ministry. And they found publicly accessible logs on that remote server that showed victim machines were in fact connecting to it from South Korea, a sign of actual infections," according to Wired.

Although McAfee won't say for sure, the company's chief scientist, Raj Samani, says his working theory is that the spyware attack is a North Korean operation, according to NPR.

 

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Just as Expected

    GSX produced a wonderful tradeshow earlier this week. Monday was surprisingly strong in the morning, and the afternoon wasn’t bad at all. That’s Monday’s results and asking attendees to travel on Sunday. Just a quick hint, no one wants to give up their weekend to travel and set up an exhibit booth. I’m just saying. Read Now

    • Industry Events
    • GSX
  • Allied Universal Report Highlights Expected Security Hazards

    All is not well with the world. I know that is not breaking news. Read Now

    • Industry Events
    • GSX
  • NOLA: The Crescent City

    Twenty years later we finds ourselves in New Orleans. Twenty years ago the aftermath of Hurricane Katrina forced exhibitors and attendees to look elsewhere for tradeshow floor space. Read Now

    • Industry Events
    • GSX
  • Nothing Artificial About this Intelligence

    I have been looking forward to this year’s GSX show in New Orleans, the Cresent City, or if you prefer The Big Easy. It seems like quite a while since we’ve been here. Twenty years ago, ASIS, as it was known then was literally washed out of the city by someone known as Katrina. It is a good thing to come back to NOLA. Read Now

  • From Monitors to Mission Control

    Security Operations Centers (SOC) were once defined by rows of static monitors, each displaying a single feed with operators quietly watching for issues. That model has become obsolete. Incidents evolve too quickly, data comes from multiple locations, and decisions must be made in seconds—not minutes. Read Now

New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.