Microsoft announced in October that it successfully foiled an advanced and dangerous malware network called Trickbot. The threat actor infiltrates computer systems and usually holds them for ransom, with cybersecurity experts fearing it could be used to target the US presidential elections. That is why they were thrilled when they heard Microsoft’s news. But their relief was short-lived as Trickbot resurfaced less than two weeks later, hitting hospitals across the United States with an unprecedented wave of ransomware attacks. The FBI said the criminals combined Trickbot with other viruses to execute the attack, causing system disruptions and delaying surgeries. Officials warned that more threats from the same Trickbot group could be on the horizon and may target election day.
The ransomware attacks on US hospitals demonstrate how quick and relentless Trickbot creators can adapt to security persecutions. They soon adopted new tools to launch offensives against their targets. Jeremy Kennelly, analysis manager at FireEye’s Mandiant Threat Intelligence unit, said the cybercriminals swiftly rebuilt the botnet and used other malware at their disposal in the cyberattack on hospitals. And their determination proves it is unlikely they’ll go away come election time, even with security giants like Microsoft on their tail.
“Microsoft’s disruption of the TrickBot botnet was highly successful, however there was evidence shortly thereafter suggesting that the botnet was quickly rebuilt,” Kennelly stated. “Despite this back and forth, it appears as though there are ongoing attempts to disrupt the TrickBot botnet’s infrastructure which are proving successful, at least for the time being.”
Experts have cautioned that ransomware attacks could target local election offices and cause chaos by accessing and encrypting sensitive information and files. That is why Microsoft, with the help of the US Military’s Cyber Command, put rigorous efforts to prevent Trickbot from carrying out these onslaughts. Tom Burt, security VP at Microsoft, claimed last month that the company dismantled 94% of the botnet’s infrastructure worldwide. He did warn, though, that the malware network’s developers can still find new methods.
Rerouting and encrypting your traffic and data with a VPN enhances your security and privacy and reduces malware threats. TheVPN.Guru has detailed VPN guides and reviews, as well as cybersecurity news and tips.