Hackers Targeting 2018 Winter Olympic Games

The world is four days away from the opening ceremonies for the 2018 Winter Olympics held in Pyeongchang, South Korea. The Olympics are an athletic spectacle fraught with political undertones and have occasionally been targeted by terrorists and activists. As cyber threats have evolved and increased, so too has the probability of such attacks on the Games. Wired.com reports, “More so than any previous Olympics, the run-up to Pyeongchang has been plagued by apparent state-sponsored hackers.”

The Games have not even begun, but according to McAfee Advanced Threat Research as of early January hackers had launched an email phishing campaign with an infected MS Word document that contained malware. Another attack campaign, which MacAfee has dubbed Operation GoldDragon, attempted to plant three distinct spyware tools on target machines that would enable hackers to scour the compromised computers' contents.

The hackers could be lone actor mercenaries acting at the behest of nation-states, or they may be government staff. McAfee suspects the attacks originated from Russia and North Korea. The latter is a prime suspect, given its saber-rattling in the past year, its acrimonious relationship with its neighbor, and its suspected ties to the WannaCry Ransomware attack in the spring of 2017 and the attack on Sony Pictures in November of 2014.

Anyone who hacks the Games is most likely trying to do the following:

  • Create chaos and make operations more difficult for the Games and citizens in general
  • Conduct revenge against US and other countries for economic sanctions
  • Steal sensitive intellectual property or sensitive consumer data.

Thus far, no one has speculated about the probability of a distributed denial of service (DDoS) attack on the Games, but it certainly is possible. A DDoS attack could be a nuisance that impacts the service availability of one or more websites, or it could be a stealth attack that masks a more dangerous malware threat, or it a massive attack on critical infrastructure that could cripple daily operations in the region or in the Olympic village. Let’s hope that South Korean authorities and the Olympic Games organization has effective DDoS protection to prevent such attacks.

For more information, contact us.