Dive Brief:
- As athletes paraded through the opening ceremony of the Pyeongchang Winter Olympics on Friday, an unidentified actor hacked the organizing committee's servers, reports Yonhap News. The attack caused a "malfunction of the internet protocol televisions," so the committee shut down the servers — which also shut down the PyeongChang 2018 website — to prevent additional damage. The site was back online Saturday morning.
- The attack was not the only security event marring the opening week of the games. McAfee found "expanded capabilities" relating to the Gold Dragon fileless attacks targeting organizations associated with the Pyeongchang Olympics, according to a company announcement.
- The new variant of the malware allows it to profile a targeted system and send the results to a control server. The initial PowerShell implant only had "basic data-gathering capabilities" to identify victims and set more malware on them.
Dive Insight:
The Winter Games this year are especially dangerous from a cybersecurity standpoint.
Geopolitical tensions within the Korean peninsula and from other foreign actors such as Russia have many security experts on edge. And the conglomeration of disparate IT systems temporarily set up by the Olympics committee, its partners and sponsors and other visiting organizations has created a broad swathe of potentially exploitable endpoints for malicious actors.
McAfee first discovered the Gold Dragon malware in late December and disclosed it in early January. The company now believes that the implant "is the second-stage payload in the Olympics attack that [McAfee's] ATR discovered January 6."
The facelessness of cyberattacks can be a frustrating point for the event's organizers, and attributing the Gold Dragon and server attacks to specific actors will be a nearly impossible feat for the IOC. McAfee has posited that Gold Dragon's complexity and rapid deployment are hallmarks of a nation-state actor, but even if the culprit is found, it could take months or years.
In the meantime, the organizers and organizations affiliated with Pyeongchang still have a lot of work ahead of them over the next few weeks.
"It is clear attacks are ongoing and are likely to continue throughout the duration of the games. What is yet to be determined is if actors are working simply to gain disruption or if their motives are greater," according to McAfee, in a statement provided to CIO Dive.
The real impact of these malware campaigns and other attacks may take months to fully realize. Visitors in Pyeongchang should remember to follow best security practices, especially by not bringing company devices to the games and not connecting to potentially vulnerable or compromised networks.