Microsoft take-down of Trickbot ransomware bot, Security Experts Reacted inline with Election Security

Microsoft today took actions today “to disrupt a botnet called Trickbot, one of the world’s most infamous botnets and prolific distributors of ransomware,” which “cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems… “Today’s action will protect a wide range of organizations including financial services institutions, government agencies, healthcare facilities, businesses, and universities from the various malware infections Trickbot enabled.”


EXPERTS COMMENTS
Chloé Messdaghi, VP of Strategy,  Point3 Security
October 14, 2020
Hackers – not to be confused with attackers – have an important role to play moving forward.
Microsoft has truly done an important service in thwarting Trickbot – it’s especially important because so many cities, towns, and tribal jurisdictions across the US rely on outdated technology including systems that have reached effective end-of-life, meaning that vendors no longer issue patches and security updates, leaving them even more vulnerable to the kinds of ransomware attacks spread ....
[Read More >>]
Mike Puglia, Chief Strategy Officer ,  Kaseya
October 15, 2020
Ryuk ransomware, which can shut down entire networks until a ransom payment is made, is often delivered through phishing emails.
Major efforts from both the private and public sector were used to disrupt TrickBot operations in the leadup to the US presidential election. Microsoft obtained an order in the Eastern District of Virginia last week that gave the tech giant control over the TrickBot botnet, a global network it describes as the largest in the world. The US Cyber Command also conducted operations against TrickBot to ....
[Read More >>]
Jeff Valentine, CTO,  CloudCheckr
October 14, 2020
Microsoft effectively helped the public to have confidence in the eventual election results by eliminating one possible attack vector.
Many people think that election security is only about electronic vote counting and tabulation, but the real issues are more insidious and harder to prevent. In this case, the service Microsoft identified and shut down could have been used as a springboard for ransomware attacks, and if any of the affected systems were used during the electron process - perhaps in coordinating the distribution of ....
[Read More >>]
Andrea Carcano, Co-founder and CPO,  Nozomi Networks
October 14, 2020
By proactively getting in front of Necurs, Microsoft was able to significantly disrupt the botnet.
This isn’t the first time that Microsoft has leveraging trademark laws to chase down botnets operators. They used the tactic back in 2011 to take down Rustock. IoT botnets are among the fastest-growing categories of attacks, and Trickbot alone has impacted millions of computers. While botnet operators are using every trick in the book to expand their malicious activity, defenders, for obvious re ....
[Read More >>]
Suzanne Spaulding, Adviser ,  Nozomi Networks
October 14, 2020
Microsoft has done previous botnet take-downs but this one is particularly important in the midst of the 2020 election.
The Microsoft take-down is an example of exactly the kind of whole-of-nation, even whole-of world, approach we need. The private sector working with government at all levels, including state and local governments who've been victims and multiple federal entities, including the courts, as well as international partners, all coming together to identify and disrupt the bad guys. Microsoft has done pr ....
[Read More >>]
Saryu Nayyar, CEO,  Gurucul
October 14, 2020
It will take more to put a real dent in Cybercrime.
The coordinated effort to take down TrickBot shows that there is hope to counter malicious actors at scale. When organizations cooperate in support of everyone's shared best interests, we can all benefit. But this is just a first step. It will take more to put a real dent in Cybercrime, starting with a solid security posture in our own environments, and ending with coordinated industry and law ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article