Microsoft Seeks To Defend U.S. Election in Botnet Takedown (bloomberg.com) 39
A coalition of technology companies used a federal court order unsealed Monday to begin dismantling one of the world's most dangerous botnets in an effort to preempt disruptive cyber-attacks before next month's U.S. presidential election. From a report: The takedown is a highly coordinated event, spearheaded by the software giant Microsoft and involving telecommunications providers in multiple countries. If the operation succeeds, it will disable a global network of infected computers created by a popular malicious software known as Trickbot. Beginning early Monday, Trickbot operators are expected to begin losing communication with the millions of computers they had painstakingly infected over a period of months, even years. The loss of the botnet -- as a network of infected computers is known -- will make it more difficult for Russian-based cybercriminals and other digital marauders to do their work. It will likely take months or years for the criminals to recover, if at all.
By dramatically dismantling Trickbot's network, Microsoft and its partners believe they will likely head off ransomware attacks that could compromise voting systems before the U.S. presidential election on Nov. 3, said Tom Burt, vice president of Microsoft's customer security and trust division. "They could tie up voter registration rolls, election night reporting results and generally be extremely disruptive," Burt said. "Taking out one of the most notorious malware groups, we hope, will reduce the risk of ransomware's impact on the election this year." Coordinated takedowns like the one Monday have become increasingly common in the last several years, although the legal and technical hurdles involved are substantial. In this case, Microsoft and its partners were able to obtain a federal court order founded on Trickbot's infringement of Microsoft's trademarks, but ultimately aimed at disconnecting communications channels the attackers use to control the malicious software.
Wow that's some hoax isn't it (Score:3)
I am sure it is all Ukrainians and Chinese and not any Russians, aren't you?
Dupe? (Score:3)
A Trickbot takedown article is still on the front page, though the focus is on the US government's efforts, not Microsoft's.
Re: (Score:3)
Microsoft's been taking down bot nets for decades (Score:4, Insightful)
What's crazy here is that it's not just spam anymore, it's election integrity.
Re: (Score:1)
Election integrity in a US election, oh you are one funny fucker, best joke I have heard in a long time. You're from the establishment aren't you, for you election integrity means being able to game the election and keep the riff raff out, no democracy for workers oh no.
Election integrity should not be in the same sentence with the USA unless it is pointing out the total and utter lack of election integrity in US elections, that bot net, could not possibly make it worse or more corrupt or have even less i
Different actions by different people (Score:2)
A few days ago there was an article about cyber command (part of the US government) taking some actions against this botnet. Today's article is about a separate action by private businesses led by Microsoft.
Kinda like if Iran plants a bomb in New York City, then a week later North Korea does a gas attack in the subway, that would be two different articles. Different attacks by different people on related targets.
Microsoft leads in this because a) they have an interest in avoiding a situation where most Wi
Re: (Score:3)
Microsoft's efforts are aimed at actually taking down the botnet's C&C servers altogether, which is far more disruptive to the botnet's operators as this means they (hopefully) lose access to the compromised resources that the C&C servers were managing.
So, in a nu
Why now? (Score:3)
Why does it take an election to get this done? Was the disruption to many innocent lives not enough of a reason?
Re: (Score:2)
Why does it take an election to get this done?
This is just Microsoft strategy evolution.
1980's: Own the desktop
2020's: Own the election
They've likely been working on it for some time (Score:5, Interesting)
The main thing that made Apple take off was a combination of cheap shitty OEM hardware and viruses. OEM hardware is mostly pretty good these days (it's cheaper to use decent hardware than to take the returns & support calls) so all MS has to do is get viruses under control and they take care of Apple's big competitive advantage.
Re: (Score:2)
All Microsoft needs to do is keep bringing the Windows UI back to rationality, while Apple keeps pushing their UIs further toward byzantine Hell.
Re: (Score:2)
Why does it take an election to get this done? Was the disruption to many innocent lives not enough of a reason?
Same answer as to why they don't fill that pothole at the end of your street.
Re: (Score:3)
Public interest and Getting Government Contracts.
Normally these Botnets while they cause damage, they normally hit institutions that the public doesn't care about, oh they hit a Bank. Boo Hoo a Billion Dollar company now has to pay a few hundred thousand dollars to fix it. Or Look it hit a Hospital, Well it was their fault for having such bad security.
However now, we have an election, with a President who won via Electoral Votes however didn't get the popular vote. Also has been on the record stating that
Re: (Score:2, Troll)
Why does it take an election to get this done?
Because Republicans are being too transparent about their intent to rig this election.
Re: (Score:2)
How are Republicans doing this exactly? What are they doing to "rig this election"? What proof do you have that it's happening?
Just think: If you really wanted an answer to that question you'd either be able to make a better argument than parroting your glorious leader or you'd have a good deal more concern for the integrity of our democracy.
Re: (Score:2)
Re: (Score:2, Insightful)
Just use paper (Score:2)
How much is making elections electronic costing, all-in?
People want results on election night (Score:3, Insightful)
Quick results will head that off.
Re: (Score:1)
The reverse is that riff-raff can complain that electronic voting was hacked and corrupted.
It's a damned if you do/don't scenario (Score:3)
The only reason it's an issue this year is Trump has openly stated he won't accept any outcome except his victory, and is moving to compromise the Supreme Court right before an election.
I think it's safe to say (after the back pedaling we saw on SCOTUS nominees during an election year) that the GOP will do whatever it takes to win. I suppose that's admirable if you're on their side (as a left
Re: (Score:2)
God, that's Bush vs. Gore all over again you know right? All that "hanging chad, dimpled chad" was all about people using paper ballots, punching holes in them using a manual process and counting them using machines, followed by counting the ballots that had "issues" by hand, over and over.
Yeah, I said "paper" not "shit".
Pen, box, "X", count. Person with the most votes wins.
There's no reason to make it more complicated.
Re: (Score:2)
You clearly don't get what Bush V Gore was about or what brought on the problem.
ANY physical ballot is modifiable and handling them by hand is never good. Yea, you can take precautions, but in a very close race like the presidential election in 2000 where the margin of victory was less than 600 votes.
No it wasn't. The margin of victory was 543,895 to Gore (source: Federal Election Commission). Half a million votes is clear air to most people, not "close".
Like I said, "paper" not "shit". The electoral college system is very clearly "shit". There's no point in discussing technology when you haven't even got the basic idea that you award the post to the person who got the most votes.
I don't accept, either, that electronic counting is more secure than paper counts. To make a significant dent in a paper vote
Re: (Score:3)
What "People"? Who actually gives a fuck about getting the result on the night except the media?
Re: (Score:2)
Fake target (Score:2)
If I was to disrupt elections I would let my opponent focus on a high profile target while preparing a lower profile one. Maybe using a yet to be published attack vector or a quiescent botnet.
You insensitive strategic clod!
Taking down C&C server is a game of whack-a-mo (Score:3)
Until they start using the servers to make sure the infected clients are patched and/or user notified, a different bot net will take it over. The only permanent solution is to fix these zombie clients or shut them down. The threat is the standing army, not the generals.
Re: (Score:3)
It is so much better when crimes are committed by dumb people.
It's Microsoft to the rescue? (Score:1)
My opinion (Score:1)