Someone needs to.
Microsoft Teams Up to Take Legal Action Against Cybercriminals
Microsoft, Fortra, and others allied to obtain a court order to disrupt cracked copies of software used in ransomware attacks.
By Carrie Pallardy, Contributing Reporter in InformationWeek
Microsoft’s Digital Crimes Unit (DCU), cybersecurity software company Fortra, and non-profit Health Information Sharing and Analysis Center (Health-ISAC) joined forces to obtain a court order to stop cybercriminals from using Fortra and Microsoft software to facilitate malware attacks.
This court order is not the first time Microsoft has sought legal action against threat actors. In 2021, a federal court in Virginia enabled the DCU to seize websites being leveraged by China-based hacking group Nickel. “These court orders disrupt current activity and can provide some relief until these cybercriminals pivot their tactics and infrastructure,” says Paige Peterson Sconzo, director of healthcare services with Redacted, a cybersecurity services company.
This new court order, granted by the US District Court for the Eastern District of New York, will allow the three organizations to disrupt threat actor operations related to Fortra’s Cobalt Strike and Microsoft software development kits and APIs. Cobalt Strike is a post-exploitation tool used to simulate adversary behavior, according to a Microsoft blog post. Cybercriminals use illegal, “cracked” copies of Cobalt Strike, as well as Microsoft software, to launch malicious attacks. Microsoft pointed to attacks against the Costa Rican government and the Irish Health Service Executive as examples.
The scope of this effort is greater than work done by the DCU in the past. “Instead of disrupting the command and control of a malware family, this time, we are working with Fortra to remove illegal, legacy copies of Cobalt Strike so they can no longer be used by cybercriminals,” Microsoft writes in its blog post.
How will this new court order be used to disrupt cybercrime, and could more legal action follow?
No comments:
Post a Comment