This is the best way to watch the Winter Olympics 2018 online - from absolutely anywhere in the world - without any commercial breaks:

2017 was not a good year for cybesecurity. Though, depending on how you look at it, it was a good year for cybersecurity awareness. There was a major breach or announcement nearly every month of the year. The previous few years weren’t much better. With so many businesses – even ones large enough to hire their own information security teams – being victimized by hackers, it should be blatantly obvious to everyone that cybersecurity across the board could do with an upgrade. The biggest problem is that security breaches can go undetected for years, especially if you’re not monitoring properly. And the longer it remains open, the higher the cost of a breach. Worst of all, notifying affected users too long after the fact can result in a damaged reputation and public backlash.

That’s why we’ve put together a brief guide to identifying breaches and some tips for how to respond if you’ve found one. Even without a background in technology, by the time you’re done reading this, you should be savvy enough to recognize red flags and take action.

How Hackers Strike

Hackers and malicious users implement a variety of tactics to exploit your systems. A number of them are highly technical, and unless you have a firm understanding of computer systems, you won’t be properly equipped to deploy a countermeasure. That’s why it’s important to have experts you can count on (either external or internal to the company) to defend your systems.

That said, cybersecurity has grown by leaps and bounds, and it’s not as easy to hack a system as it used to be. Plus, not every malicious user knows how to do it. So, many hackers opt for a different tactic: social engineering (sometimes jokingly referred to as “wetware hacking”). By manipulating people, hackers can get access even when more direct intrusions aren’t possible.

Signs You’ve Been Compromised

While it won’t be obvious if you’ve had a security breach, there will be certain symptoms. To the unobservant, they will seem like a minor annoyance, but if you notice these symptoms, it’s time to have your IT team do some digging.

A Snail’s Pace

If you find that your computer or your internet browser is suddenly running more slowly than normal, even after updating and restarting, then that may be a sign there is malware running on your computer. Malware, like a parasite, leeches processing power from your computer to do its job, and your first clue is this slowdown effect.

The Ominous Annoyance

Pop-ups, intrusive ads and website redirects happen from time to time, but they’re not omnipresent. At least, not normally. If you find that, even with ad blockers, you’re being inundated by annoying advertisements, it’s likely you’ve either been compromised already or someone’s trying really hard to get you to click on one of the links and download some malware.

All Locked Up

We all forget or mistype our password from time to time, and that can occasionally result in a lockout. But if you find you’re locked out even on the first try, that’s a cause for concern. It’s possible someone else is trying to (unsuccessfully) log into your profile, or they’re already in and have changed the password.

Space Invader

Most employees at a company who use a computer are given some personal space to work. Keep an eye on this space, including what’s going on inside the computer, for anything suspicious. If things are moved or changed on your desk, if your chair has been messed with, if files or settings on your computer have been moved, deleted or tampered with, or even if the computer is left on when you swore you turned it off, it’s time to look a little closer. Your company may have been breached internally.

How to Respond to a Breach

If you do detect that you’ve been breached, shoring up security should be your highest priority. Aside from closing the vulnerability, you need to do some digging and learn four things:

• How were you breached?
• When did it happen?
• What was taken/damaged?
• Who was affected?

Once you have this information, you’ll want to immediately notify anyone who was affected. Moreover, depending on your location and the size of the breach, you may need to notify the public, news, and/or government agencies where applicable (laws vary by state). Don’t stop there, though. The more proactive you get, the more effective you’ll be at cyber safety and mitigating damage, and the faster you’ll get the business back on its feet.

While incursions are impossible to avoid altogether, with a little vigilance and a little help, you can dodge most of the bullets and recover much more quickly if you get hit.

A cyberattack targeting the 2018 Winter Olympics in Pyeongchang, South Korea aimed to cause disruption at the start of the Games and required deep knowledge of the infrastructure - a sign the attackers had previously compromised it, according to researchers.

The attack took place prior to the Opening Ceremonies held on Friday, Feb. 9 and interfered with TV and Internet systems. Olympics officials confirmed technical issues affecting non-critical systems and completed recovery within 12 hours. On Sunday, Feb. 11, they confirmed that a cyberattack had taken place but didn't offer additional details.

Researchers at Cisco Talos identified malware samples used in the attack "with moderate confidence" and report the infection vector is currently unknown. Evidence indicates the actors responsible were not seeking information or monetary gain: Their primary goal was likely to cause destruction.

'Olympic Destroyer'

The so-called "Olympic Destroyer" malware studied by Cisco renders machines unusable by deleting shadow copies and event logs, and tries to use PsExec and WMI to move across the environment. Talos analysts point out they had previously seen this behavior in both the BadRabbit and Nyetya (NotPetya) attacks.

The initial malware sample is a binary that drops multiple files onto the target machine. From there, the malware moves laterally throughout the network, using two information stealers and hardcoded credentials within the binary. Talos found 44 individual accounts in the library and says the malware author knew several technical details about the Olympics infrastructure including username, domain name, server name, and password data.

"This is a targeted attack and this involves some reconnaissance," says Craig Williams, director of Cisco Talos outreach. "The attacker came into the campaign knowing a large number of accounts. That involves, obviously, a phishing campaign or an intelligence-gathering campaign."

A key takeaway is this malware doesn't use an exploit to spread, Williams continues. It spreads through normal tools using valid credentials, a tactic that will help attackers evade most security tools.

The destructive part of the attack starts during execution. After files are written to disk, the malware deletes all possible shadow copies on the system. It then takes steps to complicate file recovery and ensure the Windows recovery console doesn't try to repair anything on the host.

"Wiping all available methods of recovery shows this attacker had no intention of leaving the machine usable," Talos researchers report. The purpose of the malware is to perform destruction of the host, leave the system offline, and wipe remote data. It also disables all services on the system.

Earlier Attacks on the Olympics

This isn't the first instance of an attack targeting the 2018 Winter Games.

McAfee Advanced Threat Research previously detected a fileless attack targeting organizations involved with the Pyeongchang Olympics. The threat used a PowerShell implant to connect target machines with the attacker's server and transfer system-level data. At the time, researchers were unsure what happened after the attacker gained access.

Now they say this attack had a second-stage payload in the form of Gold Dragon, a Korean-language implant detected in December 2017. Gold Dragon has stronger persistence than the original PowerShell payload and expanded capabilities for profiling target systems. It lets an attacker gather information on system processes, files, registry content, and data.

In early February, prior to the Opening Ceremonies, researchers updated their findings to report another variant of the fileless implant in a new malicious document. This document had the same metadata properties and same information as the campaign discovered in January.

"It's an indication the attacker has resumed deploying a new version of this implant," says Ryan Sherstobitoff, senior analyst of major campaigns at McAfee. "Gold Dragon is a more persistent type of implant that gave them far-reaching capabilities on the network."

Targeted attacks have different stages of payloads, he explains. The first gives them access; the second installs something more persistent. In this case, the earlier fileless attack could have given a threat actor the entry to drop Gold Dragon on the target network.

Sherstobitoff emphasizes there is no indication the attacker behind the earlier campaign is connected to the Opening Ceremonies-timed attack. However, Gold Dragon could have given them the level of access to collect the information they needed to conduct it.

CrowdStrike identified samples of a previously unknown malware family seemingly designed for data destruction. Earliest samples were detected on Feb. 9, the day of the Opening Ceremonies. All samples have sets of hard-coded credentials belonging to Olympics-related targets that let threat actors spread in a target network. Several attackers had access to organizations related to the targets through malicious backdoors, CrowdStrike reports, but it can't confirm whether anyone used this access to deliver malware.

Too Soon to Determine Whodunnit

"I don't want to say it's trivial, but it's not the most complicated piece of malware," says Warren Mercer, Cisco Talos technical lead for engineering, of the attack his team studied. "There's no crazy effort to try and obfuscate their code; there are no super-advanced techniques."

However, he continues, it's likely a sophisticated attacker is at play given the previous access to Olympics systems and ability to hardcode lifted credentials. The question is, which one?

"It's a tricky question when it comes to who could be behind a threat like this," adds Williams. This could be a new threat actor or group, he says, adding that many well-funded campaigns have pockets of developers. Attribution is further complicated by the publicity of widespread attacks like NotPetya, which have given rise to "copycats" who may be responsible, he notes.

Meanwhile, the US-CERT has issued a statement on cybersecurity at the Olympics and offered guidance for attendees to protect themselves against threats including data theft and third-party monitoring, as attackers may take advantage of the large audience to spread messages.

Engin Kirda, cofounder and chief architect at Lastline, points out how denial-of-service attack campaigns are one of the easiest attacks against large events like the Olympics. Outside event attendees and organizers, and fans are often targeted with phishing emails, domain theft, ransomware, and fake social media posts. These days, employees can expect to see malicious emails related to the Games.

"If an employee falls victim to one of these attacks on a work machine, it may put their business at risk as well," Kirda notes. "IT teams should caution employees about clicking on links or attachments from Olympics-related emails."

In recent weeks, Apple has revealed that it intentionally slows down older model iPhones with the release of newer and shinier additions to the iOS lineup. Apple has justified the move, saying that they throttle the processor’s performance so as not to overwork aging batteries, denying that it has anything to do with forcing people to upgrade. Of course, replacing an iPhone battery is far more complicated than with any other phone since Apple doesn’t manufacture its phones with removable batteries. But with this revelation, Apple is offering discounted battery replacements.

How to Test If Your iPhone Is Being Slowed Down

While there are a couple of paid apps like GeekBench and CPU DasherX that you can use to find out if your phone has been slowed down, there’s also a website that does it for free if you own an iPhone 6S and up.

Visit SlowApple on your phone and you can run a test that will give you a sense of just how much your phone is affected. If you have Low Power Mode turned on, turn it off before running the test.

Tap the Go button and if your phone completes the test in less than 8 seconds, you’re among the lucky few whose phone is just fine. Anything over 8 seconds means your phone is being slowed down.

You can also check on your iPhone battery status by going to Settings > Battery. If there is a problem with your battery, you may see this message: “Your iPhone battery may need to be serviced.”

What to Do About a Slowed Down iPhone

If your phone is slow and you aren’t in the market for a new phone, you can have the battery replaced. Apple is now offering $50 off for anyone looking to replace their battery. Instead of shelling out over $79 for a new battery, it will cost you $29.

This offer is available until the end of 2018 and you can initiate the request through their support page.

iPhone users with the following models are eligible for one battery replacement:

• iPhone SE,
• iPhone 6, iPhone 6 Plus
• iPhone 6s, iPhone 6s Plus
• iPhone 7, iPhone 7 Plus
• iPhone 8, iPhone 8 Plus
• iPhone X

Using their support page, contact Apple Support by phone or chat to reserve a battery before visiting an Apple Store. You can also mail your phone to have the battery replaced, but will have to pay an extra $6.95 for shipping.