Content, Asia Pacific, Breach, Channel markets

Winter Olympic Games: More Cyberattacks to Come?

The Pyeongchang Winter Olympics were hit by cyber attackers during last Friday’s opening ceremonies, in a hack many security pros saw as inevitable: The target is just too tempting to bypass even though the Games’ infrastructure is well fortified by all accounts.

There’s got to be some ego spurring on the cyber gangs lobbying cyber bombs against the seemingly impenetrable. Certainly it's not for fun. Is it to make the point on the world's largest stage that they can't be rebuffed no matter what the cost? Games’ officials, who appeared to have decided beforehand to keep their lips mostly zipped, confirmed the first day hack but declined to reveal either its nature or the possible perpetrators, multiple reports said.

Should we expect there’s more of the same in store for the next two weeks before the Games close on February 25th? It's hard to imagine otherwise.

Right now, it’s not clear what the International Olympic Committee (IOC) security experts think or what they know. Last Friday’s hack crashed the Games' website for about 12 hours and wobbled data streaming television at the press center. No critical operations suffered, an IOC spokesperson told Reuters.

That’s all the IOC is saying so far and it may be the most they’re going to say, evidently preferring to keep the details of their investigation to themselves. “We are not going to comment on the issue. It is one we are dealing with. We are making sure our systems are secure and they are secure,” the spokesperson said. The “best international practice says that you don’t talk about an attack.”

Some fingers have been pointed at Russia for the early hacks, perhaps in retaliation for its athletes being banned from the Games for doping. It’s a charge, however, that the Russian foreign ministry said lacked credibility.

“We know that Western media are planning pseudo-investigations on the theme of ‘Russian fingerprints’ in hacking attacks on information resources related to the hosting of the Winter Olympic Games in the Republic of Korea,” Russia’s foreign ministry said, as Reuters reported. “Of course, no evidence will be presented to the world.”

It’s true, there are plenty of crumbs but no cake at this point. About those plentiful crumbs: Late last December, someone launched a phishing and malware campaign directed at the organisations that provide infrastructure and other support for the Games, using a novel form of malware designed to slide control of the victim's machine to the attackers, ZDNet reported.

Was it a trial run for a larger assault? There’s really no way to know but suspicions abound. Security provider McAfee uncovered the attack and dubbed it Operation PowerShell Olympics. "This particular malware has not been seen before and it is something custom that was created by the attacker," Ryan Sherstobitoff, McAfee senior analyst, told ZDNet and amplified in a blog post.

The culprits remain at large and heavy odds say they will continue that way. "Technical details alone are often not enough to determine attribution. We are able to ascertain that the attackers have been trained in Korean language...and the objective seems to be to gather information on the planning, direction and infrastructure related to the Olympics," Sherstobitoff told ZDNet.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.