This assignment analyzes the Olympic Destroyer malware attack on the 2018 Winter Olympics. It explores Sandworm’s tactics, including domain controller destruction, worm-like propagation, and deceptive attribution techniques. The article also examines the incident response effort by AhnLab and global threat intelligence teams to restore systems and contain the breach.
Category: Incident Response
Sword vs. Shield: Network Scanning and Firewall Security
This lab assignment covers network scanning techniques using Nmap and firewall configuration with pfSense. It explores the vulnerabilities discovered through the scanning process, such as open ports and potential exploitation, and demonstrates how configuring firewall rules can mitigate these risks. The exercise also evaluates the advantages and disadvantages of blocking ICMP traffic for network defense and operational efficiency.