CANCUN, Mexico – A postmortem of the Olympic Destroyer malware used in the PyeongChang Olympics attack reveals a deliberate attempt by adversaries to plant false flags when it comes to attribution, according to researchers.
Days after the crippling attack on the backend networks tied to the Winter Olympic Games, a chorus of security experts attributed the attacks to everyone from Russia, Iran and China to groups such as Lazarus, the nation-state-backed gang linked to North Korea.
However, security experts now believe a skilled and mysterious threat actor behind the malware intended to sow confusion among those attempting to assign attribution to the attack. Researchers called the attempt a type of cyber “fake news” attack meant to motivate the media to point fingers in the wrong direction.
“Perhaps no other sophisticated malware has had so many attribution hypotheses put forward as the Olympic Destroyer,” said Vitaly Kamluk, a researcher with Kaspersky Lab who co-authored a report released today on the attacks. “Given how politicized cyberspace has recently become, the wrong attribution could lead to severe consequences and actors may start trying to manipulate the opinion of the security community in order to influence the geopolitical agenda.”
....
....
....