Security researchers described the code used to attack the 2018 Pyeongchang winter Olympics as 'Frankenstein-like.' In part two of our video series, hacker:HUNTER Olympic Destroyer, they explain how the malware was designed to point in multiple directions.


Who would dare to hack the Olympics?

The designer of an extraordinary piece of code lodged it in a system where it remained undetected for months. Part two of hacker:HUNTER Olympic Destroyer explores the nature of the attack, its process and why 'Frankenstein-like' code made it one of the most mysterious advanced persistent threat (APT) attacks in history.

Olympic Destroyer was the perfect example of an APT. What are they, and why are they so harmful?

APTs attack over time

APTs are sophisticated hacks that often wait for the perfect time to strike to create maximum damage. They lodge themselves in a system and steal critical data over weeks, months or years. Those behind these attacks build complex software for intentional damage – from espionage and sabotage to data theft.

Highly organized groups use APTs

APTs are notoriously associated with highly organized groups. They attack high-status targets like countries or large corporations, notably in manufacturing and finance, aiming to compromise high-value information like intellectual property, military plans and sensitive user data.

Their high-profile targets will have secure networks and defenses, so threats must stay undetected as long as possible. The longer the attack goes on, the more time attackers have to map the system and plan to steal what they want.

Motives behind attacks vary, from harvesting intellectual property to gaining advantage in an industry, to stealing data for use in fraud. One thing is clear: APTs cause severe damage.

The ‘perfect’ APT

Olympic Destroyer was the perfect APT. A highly organized group attacked a national Olympic committee, and it worked.

The 'confusion bomb' had been undetected in the computer system for four months, biding its time to strike. Being in the system gave the attackers time to find weak spots and pain points to make the attack more devastating. When it finally surfaced, all hell broke loose.

Crippling the whole IT system

By directly attacking the Olympics' data centers in Seoul, South Korea, Olympic Destroyer cut employees' access to network computers. Because Wi-Fi was out, Olympic building security gates stopped working, coverage stopped, and the whole infrastructure went offline. The Pyeongchang IT team was staring down the barrel of a potential geopolitical disaster.

Stay tuned for episode three, where we unravel the IT team's ingenious response and find out who did it. Any guesses? Go to hacker:HUNTER to stay up to speed.
