Microsoft took to the hacking network with the potential to disrupt the elections

 

Microsoft took to the hacking network with the potential to disrupt the elections

Russian hacker network was behind the attacks ransomware that ensnared hundreds of hospitals. The next target could have been elections.

A group of technology companies dismantled as a powerful hacking tool used by the attackers Russia just three weeks before the US presidential election. On Monday, Microsoft announced the action against Trickbot, Russian botnet that infected more than one million computers since 2016 and is behind a number of ransomware attacks.

cybersecurity experts have raised concerns about ransomware attacks doubt on the election results. While ransomware attack would not change the assessment and can only lock the machine, turmoil stirred by a cyber attack could create uncertainty about the outcome of the results.

Election officials in most states have an offline backup measures in the event of ransomware attacks, but had a hard time overcoming the disinformation that comes with getting hacked. Ransomware attacks are also a concern for the district because they do not have many resources to cybersecurity.

Ransomware attacks has steadily increased over the four years since Trickbot come online, and they have targeted the city institutions such as schools, courts and hospitals. Trickbot, the world's largest botnet, which is believed to be behind ransomware attack last month on Universal Health Services, the computer locked up in hundreds of hospitals in the United States.

Trickbot not affect the election infrastructure yet, and US officials have noted that there has been no significant cyber attacks against the US election, but the takedown announced Monday shut off a powerful tool that Russian hackers can now be used to disrupt the elections.

"We now have cut key infrastructure so that they Trickbot operation will no longer be able to start a new or activate ransomware infections have dropped into the computer system," Microsoft's vice president of consumer safety and trust, Tom Burt, said in a statement.

The cybersecurity arm of the Department of Homeland Security to express thanks to the work by Microsoft and its partners to disrupt the operation.

"The types of malicious activity enabled by TrickBot, including ransomware attacks, which obviously increased in the US and I strongly believe that we are on the verge of a global emergency," said Infrastructure Cybersecurity Security Agency and director Chris Krebs in a statement. "And with the US election is already underway, we need to be vigilant in protecting this system."

How TrickBot takedown down

takedown came about through a partnership between Microsoft and cybersecurity firm Symantec, ESET, Black Lotus Labs, NTT and FS-ISAC. technology companies are not the only people who have their sights set on Trickbot - Washington Post reported on October 9 that the US military launched cyber attacks against Trickbot.

ELECTION 2020

Voting in the 2020 election: What you need to know about voting by mail, polling stations, ballot online

How to vote by mail works in all 50 states presidential election 2020

Am I registered to vote in my country? How to find and register

While the operation that reportedly lowered Trickbot only about three days, action by Microsoft and a group of cybersecurity company is expected to have long-term effects. Instead of using the steps for recording digital botnet, Microsoft go the legal route.

The company filed a lawsuit in Virginia on the grounds that Trickbot infringe Microsoft's copyright by using the software code for nefarious purposes. Microsoft has used this argument to other hackers operating record in the past, but Trickbot is one of the biggest yet.

the court granted to allow Microsoft to disable IP addresses and servers used by Trickbot, and also block them from buying more servers.

Over the years, botnets have been very difficult to stop because it has a vast network of backups that can be used. It has been mainly used for cyber crimes against banks and hospitals, but could easily turn the target into the election infrastructure.

"Trying to disrupt the threat elusive is particularly challenging because it has a variety of fallback mechanism, and interconnections with the actors cybercriminal other highly active in the brand underground whole complex operation," Jean-ian Boutin, head of threat research at ESET, told the a statement.

The company behind the takedown did not expect the world behind the operator botnet to stay offline, and say they will continue to take legal action if it rises again.