Winter Olympics Targeted by Malicious Hackers
Cyberattack ahead of Olympic opening ceremony forces closure of official Olympic website for 12 hours – origin of attack yet to be revealed.
The PyeongChang Organising Committee for the 2018 Olympic and Paralympic Games (POCOG) has confirmed that it experienced a cyberattack that caused a malfunction of the internet protocol television at the main press office. The unidentified attackers went after the servers, which then prompted officials to shut down the Winter Olympics’ main website to limit the hacker’s access and prevent further damage.
The closure of the website meant that for 12 hours ticket holders to the Winter Olympics were unable to print their reservations or access event information. Evidently such a scenario had been envisioned as it has been revealed that Olympic stakeholders and some sponsors had taken out insurance against cyber threats.
Not the First Cyber Attack on Winter Olympics
This is not the first cyberattack to target the Winter Olympics. In the months leading up to the event McAfee, the global cyber security software developer, said it had detected a phishing attack in the form of malicious emails sent to Olympic officials.
Ryan Sherstobitoff, Advanced Threat Research Senior Analyst at McAfee, said that his teams had found, days prior to the opening ceremonies, a new variant of the malicious documents targeting the Winter Games. According to Sherstobitoff, the new document contained the same metadata properties as those related to Operation GoldDragon, and it sought to gain persistence on systems owned by organisations involved with the Winter Games.
A month ahead of the event US Department of Homeland Security issued a warning which stated, that “at high-profile events, cyber-activists may take advantage of the large audience to spread their message.” The statement went on to warn of the possibility that mobile or other communications could be monitored.
The Prime Suspects
It has been speculated that this latest attack originated either from North Korea or Russia. The historic political tensions between North and South Korea (the two countries are technically still at war) has been cited as a probable cause. However, cybersecurity experts have indicated Russia as a more likely source of the attack, citing the 47 Russian athletes and coaches excluded from the Games amid allegations of a doping programme as a motivation for the attack.
Russia has denied involvement in the attack. Russia’s foreign ministry said: “We know that Western media are planning pseudo-investigations on the theme of ‘Russian fingerprints’ in hacking attacks on information resources related to the hosting of the Winter Olympic Games in the Republic of Korea. Of course, no evidence will be presented to the world.”
Olympic Committee Refuses to Reveal Origin of Attack
Sung Baik-you, POCOG Spokesman said: “We know the cause of the problem but that kind of issue occurs frequently during the Games. We decided with the International Olympic Committee (IOC) we are not going to reveal the source (of the attack).”
IOC spokesman Mark Adams said: “Maintaining secure operations is our purpose. We are not going to comment on the issue. It is one we are dealing with. We are making sure our systems are secure and they are secure.”
When Adams was asked about who may have perpetrated the attack he responded: “I certainly don’t know. But best international practice says that you don’t talk about an attack.”