The recent Olympic Destroyer attack used sophisticated false flags inside its malware to trick cybersecurity researchers and cybersecurity solutions.
The Olympic Winter Games in Pyeongchang, South Korea, were hit by a cyber attack that caused temporary disruption to IT systems, including the official Olympics website, display monitors, and Wi-Fi connections. The attack used Olympic Destroyer, malware designed to wipe files, make systems inoperable, and steal passwords from browsers and Windows.
The compromised credentials were then used to spread the malware to other devices on the network.
This cybersecurity problem could have been easily avoided by implementing a cybersecurity solution inside every device, so don’t let your guard down: depending on which OS your device is running, it is mandatory to install an antivirus for Windows or an antivirus for Mac.
This malware uses the leaked NSA exploit known as EternalRomance to spread via the SMB protocol.
After running a malware analysis, some discoveries pointed the finger at North Korea, while others blamed China or Russia.
We are not sure who is behind this cybersecurity problem, but we have found an interesting clue: a unique “fingerprint” associated with the notorious Lazarus Group, which has been linked to North Korea and blamed for high-profile attacks such as the one on Sony and the WannaCry campaign.
This fingerprint, a 100% match to known Lazarus malware components, was more likely a sophisticated false flag planted by the hackers to throw cybersecurity researchers off track.
This demonstrates how much effort hackers are willing to spend to stay unidentified for as long as possible.
Evidence was found that suggests the involvement of the notorious group known as Sofacy, Fancy Bear, APT28, and Pawn Storm, which is sponsored by the Russian government.
Links to China have also been found, and these links led to the discovery of numerous code fragments uniquely linked to threat groups tracked as APT3, APT10, and APT12.
The sophistication of these attacks is increasing exponentially day after day, and this is why it is imperative to protect all of your devices with a robust cybersecurity solution: depending on which OS your device is running, it is mandatory to install an antivirus for Windows or an antivirus for Mac.
If you are a company, installing antivirus is only the first layer of security; you must contract a cybersecurity company that will carry out advanced cybersecurity tests on your company networks, such as penetration tests and ethical hacking tests. These checks must be made every year because cybersecurity threats evolve, and you must find and fix any cybersecurity flaws as soon as they are discovered.
If your business is a 100% online business, consider using only cyber-secured web hosting services.