Olympics hack highlights emerging 'false flags' threat - researcher

CANCUN, Mexico (Reuters) - The "Olympic Destroyer" computer virus used to attack last month's Pyeongchang Winter Games was embedded with forged code to make investigators believe the attack was done by hackers linked to North Korea, Russia's Kaspersky Lab reported on Thursday.





Discovery of the effort to insert a fake digital fingerprint in the Olympic Destroyer virus underscores the emerging threat of hackers using false flags to incriminate innocent parties or undermine confidence in information provided by security researchers.

"Attribution is not just difficult, it's getting impossible," Kaspersky researcher Vitaly Kamluk told reporters on the sidelines of the Kaspersky Security Analyst Summit, which is being held in Cancun, Mexico. "If it continues this way, you will see industry making a lot of mistakes and people will lose trust."

Olympic Destroyer temporarily took the Olympics website offline, preventing some people from printing tickets, and knocked out Wi-Fi used by reporters covering the games. Authorities have not identified any suspects, though cyber security firms have speculated that China, North Korea or Russia could be behind the hack.

While it is not the first time that false flags have been used to make it tougher for investigators to identify hackers, this is one of the most sophisticated attempts known to date because the forged indicators were difficult to locate, Kamluk said.

He said that while he does not know who was behind the hack, he is certain the attackers inserted the false digital fingerprint to make it look like Lazarus, a group linked to North Korea.

Kaspersky researchers obtained a sample of Olympic Destroyer from a Pyeongchang ski resort, which is one of the Russian anti-virus software maker's clients.

Early review of that code suggested it was from Lazarus because some technical features looked similar to malicious software used in a previous attack widely believed to have been launched by Lazarus, Kaspersky researcher Igor Soumenkov told the crowd of some 300 security experts.

But closer inspection revealed evidence that specific elements were forged, he said.

"We can say with 100 percent confidence that it is false. It is not the Lazarus Group," he said. "We don’t know who they are, but they are not the Lazarus group."





(Reporting by Jim Finkle in Cancun, Mexico; Editing by Matthew Lewis)



Source: Reuters

