Olympic Destroyer is a vicious threat that almost disrupted the Winter Olympic Games. Specialists have been researching it carefully ever since, and they managed to find out details such as how the malicious application was distributed as well as its capabilities. It was determined that the cybercriminals behind it might have tricked an inexperienced user into launching the malware, which then spread until it reached its main targets: the Winter Olympic Games organizers and their partners. For more details about Olympic Destroyer, we recommend reading the rest of our article.
Researchers believe that the hackers behind Olympic Destroyer were using a phishing technique called spear-phishing. While phishing attacks can be directed at anyone, for example, regular home users, spear-phishing is usually employed when attacking particular organizations or businesses. In both cases, hackers need to know some information about a targeted victim, but in spear-phishing, it is vital to know more details. For instance, spear-phishing emails might be made to look as if they were sent by someone trustworthy, like a co-worker of the victim. Thus, in such a case, the hackers need to gain information about the targeted company’s employees, the topic of their communications, and so on. The more information they have, the more convincing their message can be.
It is thought that someone was tricked into opening an email attachment carrying Olympic Destroyer. Since the malware is a worm, it started to spread through the local network until it reached the systems of the Winter Olympic Games organizers and eventually their partners. Specialists believe the malicious attachment was a text document that deliberately contained an unreadable message. Opening such a file alone should not trigger the malware’s installation. However, if a victim clicked the Enable Content button in the hope of restoring the unreadable message, doing so could have launched a malicious executable file that installed Olympic Destroyer.
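A mail gateway or analyst can check whether an Office attachment carries active content before anyone is asked to click Enable Content. The following is an added example, not code from the original article or from any Olympic Destroyer analysis; it assumes the lure relied on an embedded VBA macro, and the function names and sample files are constructed for illustration.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls container header
MACRO_FREE_EXT = (".docx", ".xlsx", ".pptx")

def macro_findings(filename: str, data: bytes) -> list[str]:
    """Return reasons an Office attachment could run code after 'Enable Content'."""
    if data.startswith(OLE2_MAGIC):
        # Legacy binary formats can hide macros; this check cannot see inside them.
        return ["legacy OLE2 container: inspect with a VBA-aware tool"]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = z.namelist()
        if "[Content_Types].xml" not in names:
            return []  # a zip archive, but not an OOXML document
        vba = [n for n in names if n.lower().endswith("vbaproject.bin")]
        if vba:
            findings.append("VBA project present: " + ", ".join(vba))
            if filename.lower().endswith(MACRO_FREE_EXT):
                findings.append("macro-free extension but macros present")
        ctypes = z.read("[Content_Types].xml").decode("utf-8", "replace")
        if "macroEnabled" in ctypes:
            findings.append("content type declares macro-enabled document")
    return findings

def build_sample(with_macro: bool) -> bytes:
    """Constructed minimal OOXML-like archive for the demo (no real VBA inside)."""
    kind = ("application/vnd.ms-word.document.macroEnabled.main+xml" if with_macro
            else "application/vnd.openxmlformats-officedocument"
                 ".wordprocessingml.document.main+xml")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml",
                   f'<Types><Override PartName="/word/document.xml" '
                   f'ContentType="{kind}"/></Types>')
        z.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    for name, blob in [("schedule.docx", build_sample(True)),
                       ("notes.docx", build_sample(False)),
                       ("old.doc", OLE2_MAGIC + b"\x00" * 16)]:
        print(name, "->", macro_findings(name, blob) or "no active content found")
```

A finding here is a reason to quarantine or inspect the file further, not proof that it is malicious.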
It is difficult to say how long it might have taken for the worm to reach the targeted systems, but once it did, the malware began its work. Specialists say the malicious application could collect information like login passwords as well as destroy data located on an infected device. The malware even made sure that no one could restore removed files, as it took care of backup copies and disabled recovery tools installed on the computer. Moreover, it is said that the malicious application was used to take down the Olympic Games website, which made it impossible to buy tickets. Also, the hackers disabled Wi-Fi and display monitors for the Winter Olympic Games organizers for some time. The worm was also used in attempts to cause similar trouble to the organizers’ partners, but it would seem the targeted companies reacted to the arising threat quickly and managed to protect their systems against Olympic Destroyer attacks.
Even though cybersecurity experts know how the malware works and how it was distributed, they are still not sure about its developers’ motives. Apparently, Olympic Destroyer is so damaging that it could have done much more to the targeted systems. Some specialists believe the malicious application’s developers did not want too much attention, as they could be only preparing for their actual attack. Since they attacked a large organization in this attempt, it is possible the hackers’ next target could be another huge company. Naturally, organizations that want to protect themselves from such attacks should be extra cautious in the future. It is essential to educate employees about cyber threats so they know how to react when receiving suspicious emails or other messages. Also, it is vital to have a reliable team of technicians as well as to use security software that could help detect potential threats and guard the company’s systems against them.
If you are a regular home user, keep in mind that cybercriminals attack not only businesses. Usually, thinking that one cannot be targeted is the number one mistake. Hackers are interested in any piece of information they can get, as they might be able to sell it on the dark web, use it to scam users or hack into their accounts, and so on. Therefore, even if you have not been targeted by hackers or had your system infected with malware yet, it does not mean you do not have to worry about your cybersecurity. As we often say, it is better to be safe than sorry. To start with, we recommend employing a reliable antimalware tool. Plus, you should learn how to recognize phishing scams and, last but not least, you should never open files received or downloaded from untrustworthy sources.