"Trying to disrupt this elusive threat is very challenging as it has various fallback mechanisms, and its interconnection with other highly active cybercriminal actors in the underground makes the overall operation extremely complex," Jean-ian Boutin, head of threat research at ESET, said in a statement. It had been primarily used for cybercrimes against banks and hospitals, but could have easily turned its targets onto election infrastructure. The court granted an order to allow Microsoft to disable IP addresses and servers used by Trickbot, and also block them from buying more servers.įor years, the botnet had been particularly difficult to stop because it had a vast network of backups it could use. Microsoft has used this argument to take down other hacking operations in the past, but Trickbot is the largest one yet. The company filed a lawsuit in Virginia arguing that Trickbot violated Microsoft's copyrights by using its software code for malicious purposes. Rather than using digital measures to take down the botnet, Microsoft went the legal route. While that operation reportedly took down Trickbot for only about three days, the actions by Microsoft and the group of cybersecurity companies are expected to have a longer-term effect. Am I registered to vote in my state? How to find out and sign up.How vote by mail works in all 50 states this 2020 presidential election.Voting in 2020 election: What you need to know about voting by mail, polling places, online ballots.9 that the US military launched cyberattacks against Trickbot. Tech companies aren't the only ones who had their sights set on Trickbot - the Washington Post reported on Oct. The takedown came about through a partnership between Microsoft and cybersecurity companies Symantec, ESET, Black Lotus Labs, NTT and FS-ISAC. election already underway, we need to be especially vigilant in protecting these systems." How the TrickBot takedown went down and I firmly believe that we're on the verge of a global emergency," Cybersecurity and Infrastructure Security Agency director Chris Krebs said in a statement. "The types of harmful activities enabled by TrickBot, including ransomware attacks, are clearly on the rise in the U.S. The cybersecurity arm of the Department of Homeland Security expressed its gratitude for the work by Microsoft and its partners to disrupt the operation. "We have now cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems," Microsoft's vice president of customer security and trust, Tom Burt, said in a statement. Trickbot hasn't affected any election infrastructure yet, and US officials have noted that there haven't been significant cyberattacks against the US election, but the takedown announced Monday closes off a powerful tool that Russian hackers could've used to interfere with the election. Trickbot, the world's largest botnet, is believed to be behind last month's ransomware attack on Universal Health Services, which locked up computers in hundreds of hospitals in the US. Ransomware attacks have steadily increased over the four years since Trickbot came online, and they've targeted municipal institutions like schools, courts and hospitals. Ransomware attacks are also a concern for counties because they don't have many cybersecurity resources. While a ransomware attack wouldn't change votes and could only lock up machines, the chaos stirred by a cyberattack could create uncertainty about the outcome of the results.Įlection officials in most states have offline backup measures in the event of a ransomware attack, but have a harder time tackling the disinformation that comes with getting hacked. On Monday, Microsoft announced actions against Trickbot, a Russian botnet that's infected more than a million computers since 2016 and that's behind scores of ransomware attacks.Ĭybersecurity experts have raised concerns about ransomware attacks casting doubt on election results. This story is part of Elections 2020, CNET's coverage of the voting in November and its aftermath.Ī group of tech companies dismantled a powerful hacking tool used by Russian attackers just three weeks before the US presidential election.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |