Microsoft, Fortra, and others allied to obtain a court order to disrupt cracked copies of software used in ransomware attacks.
Health-ISAC quote:
The court order enables Microsoft and its partners to sever the connection between cybercriminals and infected computers, according to Bob Erdman, associate vice president, research and development at Fortra. “The recent court order will allow Microsoft to take ownership of IP addresses and domains associated with command-and-control servers used by cracked copies of Cobalt Strike and essentially will release the infected systems from control of the cybercriminals,” Errol Weiss, chief security officer of Health-ISAC, elaborates.
This disruption won’t halt cybercriminal operations, but it will put a strain on their resources. There are significant costs to them when faced with disruption efforts like this. “Anything we can do to slow them down or create distrust amongst the cybercriminal network is a good thing,” Weiss explains
April 14
Carrie Pallardy
Contributing Reporter
Microsoft’s Digital Crimes Unit (DCU), cybersecurity software company Fortra, and non-profit Health Information Sharing and Analysis Center (Health-ISAC) joined forces to obtain a court order to stop cybercriminals from using Fortra and Microsoft software to facilitate malware attacks.
This court order is not the first time Microsoft has sought legal action against threat actors. In 2021, a federal court in Virginia enabled the DCU to seize websites being leveraged by China-based hacking group Nickel. “These court orders disrupt current activity and can provide some relief until these cybercriminals pivot their tactics and infrastructure,” says Paige Peterson Sconzo, director of healthcare services with Redacted, a cybersecurity services company.
Read full article in InformationWeek here:
https://www.informationweek.com/security-and-risk-strategy/microsoft-teams-up-to-take-legal-action-against-cybercriminals
- Related Resources & News
- Potential Terror Threat Targeted at Health Sector – AHA & Health-ISAC Joint Threat Bulletin
- New Cybersecurity Policies Could Protect Patient Health Data
- CyberWire Podcast: PHP flaw sparks global attack wave
- Health-ISAC Hacking Healthcare 3-14-2025
- HSCC Aiming to Identify Healthcare Workflow Chokepoints
- New Healthcare Security Benchmark Highlights Key Investment Priorities and Risks
- Are Efforts to Help Secure Rural Hospitals Doing Any Good?
- CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts
- 2024 Health-ISAC Discussion Based Exercise Series After-Action Report
- Cobalt Strike takedown effort cuts cracked versions by 80%