Actions

Microsoft gets control of, dismantles ransomware system ahead of elections

Microsoft gets control of, dismantles ransomware system ahead of Elections
Posted at 9:18 AM, Oct 12, 2020
and last updated 2020-10-12 12:24:10-04

Microsoft took legal steps to dismantle a system that has allowed criminal hackers to infect more than a million computing devices since 2016, in order to protect the 2020 election.

The technology company obtained a court order from a federal judge in Virginia that gives Microsoft control of the Trickbot botnet.

Microsoft, along with partners around the world, were able to make it so those operating Trickbot cannot initiate new infections or activate ransomware already in computer systems.

Trickbot botnet is a global network believed to be run by Russian-speaking criminals, and is “one of the world’s most infamous botnets and prolific distributors of ransomware” according to a blog post by Tom Burt, Corporate Vice President at Microsoft.

Burt says ransomware is “one of the largest threats to the upcoming elections,” and can be used to “infect a computer system used to maintain voter rolls or report on election-night results, seizing those systems at a prescribed hour optimised to sow chaos and distrust.”

The move by Microsoft represents a “new legal approach” the company says they are using for the first time.

In addition to protecting election systems, Microsoft says dismantling Trickbot will also protect financial services institutions, government agencies, healthcare facilities, educational institutions, and other businesses subject to malware infections.