How Malicious Hackers are Competing for Notoriety at the 2018 Olympics

Over the past couple of weeks, all eyes have been on the athletes competing on the world’s biggest stage at the Winter Olympic Games.

Over the past couple of weeks, all eyes have been on the athletes competing on the world’s biggest stage at the Winter Olympic Games. However, there is one malevolent event for which there is no medal ceremony. Cybercriminals have been using the Olympics as a way to gain international notoriety. And like any fierce competitor, these malicious actors are flexing their skills to show the world exactly what they’re capable of.

It was reported that Russian hackers targeted the Olympics’ opening ceremonies with an extremely complex, well-structured cyber attack, dubbed “Olympic Destroyer”. This “worm within the Olympic infrastructure that caused a denial-of-service attack”interrupted wifi access, shut down the official PyeongChang Olympics website, and prevented people from accessing their tickets, accounts, and other information. Long story short, it completely stalled their IT systems.

Now cyber attacks are a dime a dozen, but it’s not the cyber attack itself that is worrying. What’s most unsettling about Olympic Destroyer is that it was a nation-state attack, perpetrated and supported by a government with zero budget constraints and extremely sophisticated capabilities. After being banned from this year’s Olympics with only certain athletes allowed to compete under the Olympic flag as “Olympic Athletes from Russia”, it is not unlikely that this was an act of revenge.

This is not surprising. A big motivating factor behind many cyber attacks is not necessarily data theft, but simply disruption – to cause chaos and wreak havoc on institutions, events, and organizations that people trust every day. They launch these attacks to compromise trust – not to take data, but just to show that no one is safe.  

“Olympic Destroyer is designed to automatically jump from machine to machine within a target network and destroy certain data on the machine, including part of its boot record, rebooting machines and then preventing them from loading.”

Olympic Destroyer went into the network and as the worm spread, it scanned the DNS to figure out where certain information was. As it traveled laterally throughout, it found the data it was looking for, and then simply blew it up. This relatively new wave of malware does not choose between scavenging for and exfiltrating data, or destroying data – it does both.

“To guard against […] attacks, the best defense is for organizations to know their enemy.”

With these things move fast and furiously, what can IT organizations do? First off, there is no silver bullet, no matter what anyone tells you. There is no singular solution or tool that will keep you 100% secure, but there are measures you can take to bolster your security posture, like backing up your data and segmenting your network. Secondly, they know your security tactics. So it’s important to get a step ahead of potential cyber attackers by applying policy controls based on the patterns within your network traffic. 

It’s about anticipating their plans, knowing their movements and being cognizant of hints and insights inside your DNS data. After all, attackers design these things with you, the target, in mind, 

so it’s time that you get inside their heads


An avatar of the author

Anna is a passionate content writer who’s always eager to learn something new about cyber security.

Related content

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

Security, automation, cloud integration keys to DDI solution success

Only 40% of enterprises believe they are fully successful with their DDI solution. Learn how to find greater success with new research from EMA and BlueCat.

Read more

Our commitment to Micetro customers and product investment

From CEO Stephen Devito, a word on BlueCat’s ongoing commitment to supporting Micetro customers and Micetro’s evolution as a network management tool.

Read more

Seven reasons to rethink firewall monitoring and boost automation 

With BlueCat Infrastructure Assurance, you can better protect your network with automated alerts and suggested remedies for hidden issues in your firewalls.

Read more