Cisco Blogs
Share

Who Wasn’t Responsible for Olympic Destroyer?


February 26, 2018 - 0 Comments

This blog post is authored by Paul Rascagneres and Martin Lee.

Summary

Absent contributions from traditional intelligence capacities, the available evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow for unambiguous attribution. The threat actor responsible for the attack has purposefully included evidence to frustrate analysts and lead researchers to false attribution flags. This false attribution could embolden an adversary to deny an accusation, publicly citing evidence based upon false claims by unwitting third parties. Attribution, while headline grabbing, is difficult and not an exact science. This must force one to question purely software-based attribution going forward.

Read More >>>

Tags:

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.