Sign In

Communications of the ACM

ACM News

Microsoft Takes Down a Risk to the Election, and Finds the U.S. Doing the Same


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
The first day of in-person voting in Adel, IA.

U.S. officials fear ransomware attacks could be used to lock up voting registration, tabulation, and certification systems in November.

Credit: Kathryn Gamble/The New York Times

Microsoft and a team of companies and law enforcement groups have disabled — at least temporarily — one of the world's largest hacking operations, an effort run by Russian-speaking cybercriminals that officials feared could disrupt the presidential election in three weeks.

But as soon as Microsoft began dismantling the operations last week, seeking to cripple a network of infected computers known as TrickBot that has been used to paralyze computer systems with ransomware attacks, it discovered that someone else was trying to do the same thing.

In a separate but parallel effort — which was apparently not coordinated with Microsoft — United States Cyber Command, the military cousin to the National Security Agency, had already started hacking TrickBot's command and control servers around the world late last month, according to two government officials.

The one-two punch painted a picture of the accelerating cyberconflict underway in the final weeks before the elections. Cyber Command, following a model it created in the 2018 midterm elections, kicked off a series of covert pre-emptive strikes on the Russian-speaking hackers it believes could aid President Vladimir V. Putin in disrupting the casting, counting and certifying of ballots this November. Meanwhile, Microsoft, Symantec and other American companies are doing the same.

 

From The New York Times
View Full Article

 


 

No entries found