PyeongChang Winter Games hit by cyber attack

Although critical operations were not affected by the incident, event organisers at the PyeongChang Winter Olympics had to shut down servers and the official games website to prevent further damage

The ongoing Winter Olympics in South Korea was hit by a cyber attack that affected internet and TV services last Friday, according to the International Olympic Committee (IOC).

After the attack was detected, event organisers had to shut down servers and take the official PyeongChang Winter Olympics website offline to prevent further damage.

During a press briefing on the sidelines of the global sporting event, IOC spokesperson Mark Adams declined to reveal the source of the attack, noting that the issue had been resolved the next day, according to a Reuters report.

“We are not going to comment on the issue. It is one we are dealing with. We are making sure our systems are secure and they are secure,” he told reporters.

Cyber security experts had warned of an increase in cyber attacks on the Winter Games using spear phishing e-mails loaded with suspicious links to lure victims into downloading malware in targeted campaigns, such as GoldDragon which took place in December 2017.

According to threat analysts from McAfee, GoldDragon – directed at organisations affiliated with the Winter Olympics – lets attackers access end-user systems and collect data stored on devices and the cloud. The data may include customer and employee financial or personal data, Winter Games related details and trade secrets.

Although critical operations were not affected by last week’s incident, similar attacks had been launched against critical and non-critical systems in past Olympics games.

During the summer Olympics in London, there were reportedly six major cyber attacks against critical systems, including distributed denial of service attacks on power systems that lasted for 40 minutes. Hacktivists also made calls on social media to launch similar attacks at specific times.

Read more about cyber security in APAC

  • The Malaysian Communications and Multimedia Commission (MCMC) and a local firm have been sued for the massive data breach involving the personal data of more than 46 million mobile phone users in the country.
  • Cyber resilience remains lowacross Southeast Asia, a regional economic powerhouse that is increasingly susceptible to cyber threats as its digital economy grows.
  • Singapore’s Ministry of Defence is getting white hat hackers to identify loopholes in its internet-facing IT systems in the country’s first government-led bug bounty programme.
  • The key to improving the cyber security posture of organisations is to keep complexity at bay, according to a senior Microsoft APAC executive.

And during the Rio Olympics in 2016, the IOC said it was under regular attack. Phishing emails were also sent to athletes in attempts to steal credentials that could be used to access a World Anti-Doping Agency database.

Japan is already bracing itself for more cyber attacks aimed at the Tokyo Olympics in 2020. For one, the Tokyo 2020 organising committee has been conducting cyber security exercises to simulate potential attacks, both in cities and rural areas.

Cyber security drills would be conducted up to six times a year, rising to 10 in the run-up to Tokyo 2020. The drills, which involve local governments, would also include simulated attacks on mock ticketing websites. Between 300 and 500 people took part in similar exercises in Rio and London.

Read more on Hackers and cybercrime prevention