Who wasn’t responsible for Olympic Destroyer?

Wednesday 3 October 15:00 - 15:30, Green room

Paul Rascagneres (Cisco Talos)
Warren Mercer (Cisco Talos)



This year's Winter Olympic Games took place in Pyeongchang, Korea. Several media outlets mentioned technical issues having occurred during the opening ceremony. In this presentation we will present the malware we have identified - with moderate confidence - as having been used in the attack. First, we will describe the malware's propagation techniques and its destructive capabilities. The second part of the presentation will be about attribution and how, in this particular case, the attacker included several false flags in order to point to well-known threat actors. The conclusion of the presentation will open the discussion about how hard attribution can be and our view concerning the future of this discipline.

 

 

Paul-Rascagneres-web.jpg

Paul Rascagneres

@r00tbsd

 

 

 

Warren-Mercer-web.jpg

Warren Mercer

@SecurityBeard

 

 

Related links


   Read paper    Watch video

Other VB2018 papers

Inside Formbook infostealer

Gabriela Nicolao (Deloitte)

Hide'n'Seek: an adaptive peer-to-peer IoT botnet

Adrian Șendroiu (Bitdefender)
Vladimir Diaconescu (Bitdefender)

Foreverdays: tracking and mitigating threats targeting civil society orgs

Masashi Nishihata (Citizen Lab)
John Scott Railton (Citizen Lab)

Back to VB2018 Programme page

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.