Olympic Destroyer Malware Attack Grabs Headlines During Olympic Games

Olympic Destroyer Malware Attack Grabs Headlines During Olympic Games

Over the last several years, more people have become wise to issues associated with network and digital security and anti-malware protection. Malware is basically an umbrella term that covers a wide variety of attacks you might have heard of, such as computer viruses, trojan horses, ransomware, spyware, scareware and adware.

Any kind of software designed specifically for malicious or nefarious purposes can fall under the category of malware.

This year’s Olympic games in Pyeongchang, South Korea were the target of one of the most high-level cyberattacks in recent memory, using a specific malware called, fittingly enough, “Olympic Destroyer.”

The Olympic Destroyer

Olympic officials confirmed the cyberattack occurred during the opening ceremonies of the Olympic games on February 9, but have not provided any information about the source of the attack.

What they did reveal was that the malware used in the attack was written with the intention of destroying systems rather than stealing data. It was coded in a way that it would delete everything it could on the machines it infected, simply to disrupt the Olympic Games.

The Olympic Destroyer would delete shadow copies and event logs, and use PsExec and WMI to move through computers and networks. It starts by delivering a binary containing multiple files to infected machines. These files are given randomly generated names to better hide them within the computer. Investigators were initially unclear as to how the binary was delivered, but multiple methods were considered possibilities. 

Each binary contains a pair of so-called “stealing modules,” one of which steals credentials stored in popular web browsers, and another of which steals credentials from Local Security Authority Subsystem Service. Once the malware infects the systems hosting the site, it destroys all of its shadow copies, leaving no trace.

There was little evidence to show who made the attack, but authorities felt confident they would be able to trace its source and find the person or party responsible.

Importance of IT security

While most businesses will never be as high-level a target as the Olympic Games, it is still extremely important for them to prioritize IT security, and this major story is just one further example why.

At IDMI.Net, we stay on top of the latest trends of malware. All of our systems are protected by anti-malware software, and we have additional practices in place to keep customer-based services secure from outside sources that try to gain access.

For more information about our security practices and what steps you can take to make your networks and digital assets more secure, contact us today.