If you ran down your favorite events at the Olympic games, there’s little chance that cyberwar would end up on the list. However, even before any of the opening ceremonies kick off this year in Pyeongchang, South Korea, cyber attackers already have gotten things started by attempting to breach the systems of organizations tied to the 2018 Winter Olympics.
At the beginning of January, malware attacks — in the form of email campaigns — made their way to a number of inboxes, primarily targeting the address icehockey@pyeongchang2018. Researchers suspected that the attempts were backed by foreign governments, likely from North Korea, Russia or China.
The emails, which carried a malicious Microsoft Word attachment, had been made to appear as though they had been sent by the South Korean counter-terrorism office. Once a user opens the document, a prompt appears asking to enable content. If the user clicks “yes,” the attacker is able to gain control of the machine and the connected networks.
It’s likely that this attack method was being used to gain information in a cyber-espionage effort.
As we head into the opening of the 2018 Winter Olympics on Feb. 7, cybersecurity professionals remain on high alert, believing that the early January incident was not the final act. Security analyst Peter Singer, speaking to Wired, said remote attacks are a possibility. Attackers have the potential to sow chaos by taking control of equipment, performing DDoS attacks or intercepting financial data.
This potential for disaster is why the back offices of the Olympic Games will include security experts from dozens of countries around the world, bringing state-of-the-art resources and top talent to stay a step ahead. While South Korea will lead the effort, the U.S. Diplomatic Security Service also will have a considerable force present.
Granted, most organizations can’t achieve the level of monitoring, real-time response and threat intelligence the Olympics will employ, especially in-house. However, through managed security programs, employers still can leverage sophisticated, 24-hour protections backed by a state-of-the-art SOC facility.