Who wasn’t responsible for Olympic Destroyer?

Wednesday 3 October 15:00 - 15:30, Green room

Paul Rascagneres (Cisco Talos)
Warren Mercer (Cisco Talos)

This year's Winter Olympic Games took place in Pyeongchang, Korea. Several media outlets mentioned technical issues having occurred during the opening ceremony. In this presentation we will present the malware we have identified - with moderate confidence - as having been used in the attack. First, we will describe the malware's propagation techniques and its destructive capabilities. The second part of the presentation will be about attribution and how, in this particular case, the attacker included several false flags in order to point to well-known threat actors. The conclusion of the presentation will open the discussion about how hard attribution can be and our view concerning the future of this discipline.




Paul Rascagneres






Warren Mercer




Related links

   Read paper    Watch video

Other VB2018 papers

Prisoner's dilemma: threat intelligence sharing between competitors

Adam Meyers (CrowdStrike)

Panel discussion: Will WHOIS go dark? Threat intelligence in the post GDPR era.

Michael Osterman (Osterman Research)
Norm Ritchie (Secure Domain Foundation)
Tom Bartel (Return Path Data Services)
Mark Kendrick (DomainTools)

Inside Formbook infostealer

Gabriela Nicolao (Deloitte)

Back to VB2018 Programme page

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.