By Jim Finkle
(Reuters) – Several U.S. cyber security firms said on Monday that they had uncovered a computer virus dubbed “Olympic Destroyer” that was likely used in an attack on Friday’s opening ceremony of the Pyeongchang Winter Games.
Games Organizers confirmed the attack on Sunday, saying that it affected internet and television services but did not compromise critical operations. Organizers did not say who was behind the attack or provide detailed discussion of the malware, though a spokesman said that all issues had been resolved as of Saturday.
Researchers with cyber security firms Cisco Systems Inc, CrowdStrike and FireEye Inc said in blog posts and statements to Reuters on Monday that they had analyzed computer code they believed was used in Friday’s attack.
All three security companies said the Olympic Destroyer malware was designed to knock computers offline by deleting critical system files, which would render the machines useless.
The three firms said they did not know who was behind the attack.
“Disruption is the clear objective in this type of attack and it leaves us confident in thinking that the actors behind this were after embarrassment of the Olympic committee during the opening ceremony,” Cisco said in its blog.
The attack took the Olympics website offline, which meant that some people could not print out tickets and WiFi used by reporters covering the games did not work during the opening ceremony, according to Cisco.
The attack did not affect the performance of drones, which were initially scheduled to be included in the opening ceremony, but later pulled from the program, organizers said in a statement.
The drone light show was canceled because there were too many spectators standing in the area where it was supposed to take place, the statement said.
(Reporting by Jim Finkle in Toronto; Editing by David Gregorio, Andrew Hay and Cynthia Osterman)