Microsoft has shut down a massive hacking operation that could’ve potentially indirectly impacted election infrastructure, according to a...
Microsoft has shut down a massive hacking operation that could’ve potentially indirectly impacted election infrastructure, according to a new report.
The company announced Monday that it took down the servers behind the malware network Trickbot, which criminals were using to launch other cyberattacks, including a strain of extremely potent ransomware, CNN Business reported.
Armed with a federal court order, Microsoft disabled the IP addresses associated with the network and worked with global telecom providers to take it down, according to the report.
“Adversaries can use ransomware to infect a computer system used to maintain voter rolls or report on election-night results, seizing those systems at a prescribed hour optimized to sow chaos and distrust,” Tom Burt, Microsoft’s corporate vice president for customer security and trust, wrote in a blog post.
“We have now cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems,” he added.
Meanwhile, the US Cyber Command recently launched an operation to temporarily disrupt the same network, the Washington Post reported.
Trickbot allowed hackers to sell what Microsoft described as a service to other hackers — the opportunity to inject malware, including ransomware, into various devices.
Ransomware takes control of target computers and freezes them until victims pay up, but experts urge people not to encourage hackers by doing so, according to CNN.
Ransomware could pose a danger for websites that display election information or third-party software vendors that serve election officials, according to the report.
The risk would arise if ransomware brings down systems designed to support voting, but Check Point threat analyst Lotem Finkelsteen told CNN experts view it as “mainly a hypothetical threat right now.”
In the past, Trickbot has used “phishing campaigns” to distribute malware — luring potential victims with current topics such as Black Lives Matter and COVID-19, according to Microsoft.