This abstract was originally published as Microsoft take-down of Trickbot ransomware bot, Security Experts Reacted inline with Election Security by on Information Security Buzz.
Microsoft today took actions today “to disrupt a botnet called Trickbot, one of the world’s most infamous botnets and prolific distributors of ransomware,” which “cut off key infrastructure so those operating Trickbot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems.”
According to Jeff Valentine, Chief Product Officer at CloudCheckr, a cloud security vendor, Microsoft effectively helped the public to have confidence in the eventual election results by eliminating one possible attack vector.
Many people think that election security is only about electronic vote counting and tabulation, but the real issues are more insidious and harder to prevent. In this case, the service Microsoft identified and shut down could have been used as a springboard for ransomware attacks, and if any of the affected systems were used during the electron process – perhaps in coordinating the distribution of staff or communicating directions on how to report results or voter lists – this could have affected the election in incalculable ways. Microsoft effectively helped the public to have confidence in the eventual election results by eliminating one possible attack vector.