As the world eagerly anticipates the upcoming Olympic Games in Paris, it’s crucial to address a persistent and increasingly sophisticated threat: cyberattacks. Russia, in particular, has a notorious history of targeting the Olympics with various forms of cyber aggression. In this article, we will look at Russia’s frankly very checkered past when it comes to hacking the games and provide tips on how to protect your organization during the 2024 Olympics.
Olympic Destroyer
One attack that’s gone down in hacker history concerns the 2018 Winter Olympics in Pyeongchang in South Korea, known as Olympic Destroyer.
Three months ahead of the games starting, hundreds of members of the organizing committee and others involved in the preparation for the games got an email with the subject “List of Delegates” and an attached zip file, with a Word document inside of it. When opened, there was just garbled text but there was a helpful button at the top of the document – Enable Content. Clicking it executed a PowerShell script that downloaded and executed a malware program, which installed a backdoor, and also presumably fixed the garbled text. Amongst the recipients were mailboxes at two IT firms that supplied servers and networking for the games.
