Cisco Blogs

Who Wasn’t Responsible for Olympic Destroyer?

- February 26, 2018 - 0 Comments

This blog post is authored by Paul Rascagneres and Martin Lee.


Absent contributions from traditional intelligence capacities, the available evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow for unambiguous attribution. The threat actor responsible for the attack has purposefully included evidence to frustrate analysts and lead researchers to false attribution flags. This false attribution could embolden an adversary to deny an accusation, publicly citing evidence based upon false claims by unwitting third parties. Attribution, while headline grabbing, is difficult and not an exact science. This must force one to question purely software-based attribution going forward.

Read More >>>

Leave a comment

We'd love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed and HTML formatting will not appear.