Who wasn’t responsible for Olympic Destroyer?

Wednesday 3 October 15:00 - 15:30, Green room

Paul Rascagneres (Cisco Talos)
Warren Mercer (Cisco Talos)



This year's Winter Olympic Games took place in Pyeongchang, Korea. Several media outlets mentioned technical issues having occurred during the opening ceremony. In this presentation we will present the malware we have identified - with moderate confidence - as having been used in the attack. First, we will describe the malware's propagation techniques and its destructive capabilities. The second part of the presentation will be about attribution and how, in this particular case, the attacker included several false flags in order to point to well-known threat actors. The conclusion of the presentation will open the discussion about how hard attribution can be and our view concerning the future of this discipline.

 

 

Paul-Rascagneres-web.jpg

Paul Rascagneres

@r00tbsd

 

 

 

Warren-Mercer-web.jpg

Warren Mercer

@SecurityBeard

 

 

Related links


   Read paper    Watch video

Other VB2018 papers

Foreverdays: tracking and mitigating threats targeting civil society orgs

Masashi Nishihata (Citizen Lab)
John Scott Railton (Citizen Lab)

The Hitchhiker’s Guide to the North Korean malware galaxy

Jay Rosenberg (Intezer Labs)
Itai Tevet (Intezer Labs)

Hide'n'Seek: an adaptive peer-to-peer IoT botnet

Adrian Șendroiu (Bitdefender)
Vladimir Diaconescu (Bitdefender)

Back to VB2018 Programme page

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.