Building a slide deck, pitch, or presentation? Here are the big takeaways:
- The PyeongChang Organizing Committee for the 2018 Olympic & Paralympic Games fell victim to a cyberattack during the opening ceremonies, causing a malfunction of the internet protocol televisions at the press center.
- Large events like the Olympics are prime targets for cybercriminals to carry out attacks including phishing, domain theft, ransomware, and fake social media posts.
Athletes aren’t the only ones going for the gold at the 2018 Winter Olympics in PyeongChang, South Korea: Cybercriminals hacked the Olympic organizing committee during the opening ceremonies on Friday, leading to malfunctions of the internet protocol televisions at the Main Press Centre, according to South Korea’s Yonhap News.
Major events like the Olympics are large targets for hackers, according to cybersecurity experts. Fans of a large event are often seen as easy targets for a wide range of attacks, including phishing emails, domain theft, ransomware, and fake social media posts, Engin Kirda, professor of computer science at Northeastern University, told TechRepublic during the summer 2016 Olympics in Brazil. If an employee falls victim to one of these attacks on a work machine, it may put their business at risk as well.
“Attackers are smart, and to make malicious emails more enticing for the victims, a frequent trick is to tie them to an event that is currently going on,” Kirda previously told TechRepublic. “As the Olympics are popular right now, users should expect to see malicious emails related to the Olympic games that aim to trick and exploit them.”
SEE: Incident response policy (Tech Pro Research)
Once the Friday attack was discovered, Olympic organizers shut down the servers to prevent further damage, which led to the closure of the PyeongChang 2018 website, Yonhap News reported. Spectators who purchased tickets to the events were unable to print their reservations with the website down.
The website came back online at 8 am local time on Saturday, Yonhap News reported. It remains unknown where the attack originated from. However, McAfee’s research team found a new variant of the malicious documents targeting the Winter Games a few days before the opening ceremonies, as reported by our sister site ZDNet.
“The new document contained the same metadata properties as those related to Operation GoldDragon, and sought to gain persistence on systems owned by organisations involved with the Winter Games,” McAfee Advanced Threat Research senior analyst Ryan Sherstobitoff said in a statement. “It is clear attacks are ongoing and are likely to continue throughout the duration of the games. What is yet to be determined is if actors are working simply to gain disruption, or if their motives are greater.”
In January, McAfee researchers discovered a phishing and malware campaign targeting organizations involved with Olympics infrastructure and support, with the goal of controlling infected machines using a new form of malware. The attack is now called Operation PowerShell Olympics, according to ZDNet.
McAfee analysts will continue to monitor the games, Sherstobitoff said in the statement.
IT teams should caution employees about clicking on links or attachments from Olympics-related emails, Kirda said. It is also always a good idea to use the latest technologies for preventing cyberattacks, he added: For example, behavior-based detectors (such as sandboxes) are useful in checking attachments for exploits that may infect a system.