The US is a mere two weeks away from the most pivotal presidential election in modern history. Experts warn that ransomware represents one of the most significant threats to the election.
“Just imagine that four to five precincts were hit with ransomware on Election Day,” says Microsoft executive, Tom Burt.
Per US District Court order, Microsoft recently decommissioned key infrastructure belonging to foreign operators who manage the TrickBot botnet, a conduit for distributing ransomware. However, as Microsoft ramped up involvement in this initiative, they found that another group also seemed intent on dismantling this hacker ring.
In an effort two weeks prior, The United States Cyber Command had launched a series of covert strikes against TrickBot’s servers and blocked access to computers that have served as attack launch points.
The fierce pursuit of foreign ransomware attackers is critical in safeguarding the US elections. Ransomware attacks are on the rise. Officials are concerned that concerted ransomware attack efforts could freeze voter registration systems and render tabulation and certification systems unusable.
Concern is rooted in recent attacks:
A few short weeks ago, a prominent software vendor that sells products to municipalities and US states experienced a ransomware attack that appeared to emanate from foreign groups.
This ransomware attack alone is not extraordinary, until you consider the fact that the vendor’s clients also reported cyber interference. A prevailing hypothesis is that a nefarious group somehow intended to use these attacks and their bounty jeopardize the US elections.
The US Cyber Security and Infrastructure Agency’s actions:
Cyber security experts have made “tremendous progress” in curbing potential election-related cyber hacks, says Brian Krebs. In addition to addressing cyber security and IT infrastructure, the agency is working to develop manual backup systems for polling officials.