Winter Olympics Hack Update (Part 1) – Facts About the Pyeongchang Data Breach

We’re not sure if you heard, but the Winter Olympic games in Pyeongchang were hacked by the Russians. Though South Korea had strengthened their defenses against a cyberattack, the hacking still created a mess for the Olympic organizers.

And one of the main problems with it is that it involved phishing.

This article, the first in a two-part series on the Olympic attacks, will help you understand what happened, why it happened, and what that means for your small business’s security. In the next article, Part 2 of the series, we’ll discuss the best ways you can avoid malware attacks at your company.

But first, let’s get the information on the Olympics.

What Happened

When the Winter Olympics ceremony in Pyeongchang was hacked, it messed up a number of things due to a ripple effect.

In essence:

  • The TVs in the press center weren’t streaming properly, so the Olympic organizers shut down the servers.
  • Shutting down the servers also unfortunately shut down the website, which meant people couldn’t print out their tickets to the events for a whopping 12 hours. (Ouch.)
  • At the same time, the WiFi also went down in the Olympic stadium, which meant the drones didn’t deploy at the opening ceremonies. (That cool snowboarder made of drones was actually pre-recorded footage that was only shown on TV.)

Why It Happened

When the attack first began, Intel blamed its lack of drone deployment on a “logistics problem,” and the South Koreans were unwilling to release much information about what went wrong. Both groups probably wanted time to investigate as much as they could before the hackers became suspicious and covered their tracks.

It turned out that the cause of the disaster was malware called “Olympic Destroyer,” which was apparently only meant to disrupt the games, not to steal information.

By the time we all knew that the Olympics had, in fact, been hacked, McAfee had identified how the hack probably occurred: third-party vendors and other organizations related to the Olympics had been spear phished prior to the event. Experts assume that cybercriminals leveraged those credentials to worm their way into the Olympic Committee’s systems, much like the Target hack from years ago.

The third-party phishing attacks began months in advance apparently, but it turned out that event attendees were in danger before, during, and now, after the games as well.

Leading up to the Olympics and continuing throughout the month of February, US-CERT (the United States Computer Emergency Response Team) warned event attendees about rising phishing concerns that could affect American ticket holders by compromising financial data, as well computers and devices.

Attendees and third-party vendors who had already been phished and attacked showed evidence that they’d been hit with fileless malware (the type you can’t find in your system, even if you’re looking), which gave the attackers a permanent presence on victim’s systems, including their mobile devices.

Although the Olympic Destroyer malware only caused an embarrassing disruption at the games (thank goodness!), it could have done a whole lot more. This is because Olympic Destroyer was router malware, a form of malware that can grant cybercriminals complete control over a targeted router and its connected networks.

And it all happened because of phishing and spear phishing attacks on businesses.

It’s time to protect your company.

Learn How to Avoid Successful Phishing and Spear Phishing Attacks at Your Business

In our next article, Part 2 of this series on the Winter Olympics cyberattack, we’ll cover what phishing is and how you can protect your company against these disturbingly effective attacks.

In the meantime, we’re happy to share with you that the best, easiest solution for protecting your business data is to outsource your IT services entirely. That way you’ll know your company stays safe, no matter what.

Looking for an IT services company that offers full-service network security solutions in the Seattle area? Consider Interplay. Since 2001, Interplay has been a leader in managed services, including data breach mitigation for small businesses.

Interplay can help you secure your systems; block malicious emails; and provide comprehensive, around-the-clock network monitoring, patching, and software upgrades with tested backups that are performed as often as every five minutes.

It’s time for you to protect yourself from a data breach by managing your IT systems better than you ever thought possible – at a cost you can afford.


Find out how easy it can be to protect your company from a data breach. Request a quote from Interplay to learn more.