Latest stories of our network
The final instalment of our series hacker:HUNTER Olympic Destroyer examines how Pyeongchang winter Olympics hackers put smokescreen to misdirect cybersecurity analysts. But through the fog, analysts realized the culprit wasn't who you might expect.
“Like placing someone else’s fingerprints at the crime scene.”
If successful, the 2018 Pyeongchang cyberattack could have cost billions of dollars, leaving a canceled Olympics and a geopolitical disaster in its wake. Their deceptive methods meant the cybercriminals nearly got away with it. Why did they want to point the analysts at another group? And who was behind it all?
Threat attribution – what is it?
Cybercriminals don't leave a calling card, but they do leave evidence. The art of finding and using that evidence to find the culprit is known as threat attribution.
Threat attribution is forensic analysis for advanced persistent threats (APTs). It analyzes the attackers' 'fingerprints,' such as the style of their code, where they attack and what kinds of organizations they target. Attacks can be matched with the fingerprints of other attacks attributed to specific groups.
Cybercriminals carry special ‘fingerprints’
Hackers have their own set of tactics, techniques and procedures. Cybersecurity experts can identify threat actors by studying these elements.
In February 2016, hackers attempted to steal $851 million US dollars and siphoned $81 million US dollars from the Central Bank of Bangladesh. The attack was linked to notorious cyber espionage and sabotage group Lazarus Group. Lazarus attacks casinos, financial institutions, and investment and cryptocurrency software developers.
Lazarus has certain targets and ways of attacking: Infecting a website employees of a targeted organization often visit or finding a vulnerability in one of their servers. These are the 'fingerprints' used in threat attribution.
Finding a needle within in a needle in a haystack
Crucially, Lazarus Group is long thought to be linked to North Korea. Olympic Destroyer included a piece of Lazarus's malware code, but the type of attack didn't fit. Its fingerprints better matched a cluster of attacks by another group with a very different agenda.
Watch the full video to see if you knew who the hacker was all along.
This APT might not have worked, but over the years, others have. To see what a successful APT looks like, watch Chasing Lazarus: A hunt for the infamous hackers to prevent big bank heists.
- Tomorrow Unlocked > hacker : HUNTER ›
- Tomorrow Unlocked > Unravelling the 2018 Pyeongchang Olympic ... ›
Look into the future of pleasure, lust and connection
Until now, scientists and developers have pushed to discover whether artificial intelligence can love humans, and vice versa. Welcome to the age of robot relationships.
AI loves me; AI loves me not<p>In Steven Spielberg's 2001 blockbuster science fiction film A.I. Artificial Intelligence, a highly advanced robot boy pursues a loving foster human who abandoned him. At the time it seemed far fetched. Today, it looks more like reality.</p><p>Imagine Beyond: Build me Somebody to Love looks at how AI is changing the way we look at love, lust and human connection. Could you marry a robot? Will a hunk of metal look after you in your dying days? Let's see how human machines could become.<br></p>
Eat turmeric, exercise regularly, sleep well – a few of many tips to increase your lifespan. But if they work, they will probably only give you a handful of extra years. If you want to drastically prolong your time on earth, here's what you might do instead.