Microsoft has taken down a massive hacking operation that it said could have indirectly affected election infrastructure if allowed to continue. According to The Washington Post, the company took down an enormous malware network that criminals were using to launch the cyberattacks, including a strain of highly potent ransomware.
“Adversaries can use ransomware to infect a computer system used to maintain voter rolls or report on election-night results, seizing those systems at a prescribed hour optimized to sow chaos and distrust,” Microsoft VP of security Tom Burt said.
“Microsoft obtained a federal court order to disable the IP addresses associated with Trickbot’s servers, and worked with telecom providers around the world to disrupt their network,” The Post reported.
The action coincides with an offensive by US Cyber Command to tackle the cybercriminals’ operation ahead of the November election.
Microsoft acknowledged that the attackers are likely to adapt and seek to revive their operations eventually. But, Microsoft said, the company’s efforts reflect a “new legal approach” that may help authorities fight the network going forward.
This is a developing story and will be updated.