On February 26, 2018, Cisco’s Talos Labs published “Who Wasn’t Responsible for Olympic Destroyer?” article on their website, believes the technology it uses has ties to hacking teams in North Korea, China, and Russia, while U.S. intelligence officials believe the attacker is a military hacker in Russia. Talos Labs found that part of the Olympic Destroyer code is linked to the North Korean hacker team Lazarus Group, while others are linked to the Chinese hacker team APT3 and APT10, with some codes related to Russia.
Information given by US intelligence officials claimed that South Korea’s routers were intruded before the Olympics, and the invaders were Russia’s foreign intelligence agencies. The compromised router can be used to reroute network traffic, monitor traffic, or launch a man-in-the-middle attack.