Microsoft, Fortra, and others allied to obtain a court order to disrupt cracked copies of software used in ransomware attacks.
Health-ISAC quote:
The court order enables Microsoft and its partners to sever the connection between cybercriminals and infected computers, according to Bob Erdman, associate vice president, research and development at Fortra. “The recent court order will allow Microsoft to take ownership of IP addresses and domains associated with command-and-control servers used by cracked copies of Cobalt Strike and essentially will release the infected systems from control of the cybercriminals,” Errol Weiss, chief security officer of Health-ISAC, elaborates.
This disruption won’t halt cybercriminal operations, but it will put a strain on their resources. There are significant costs to them when faced with disruption efforts like this. “Anything we can do to slow them down or create distrust amongst the cybercriminal network is a good thing,” Weiss explains
April 14
Carrie Pallardy
Contributing Reporter
Microsoft’s Digital Crimes Unit (DCU), cybersecurity software company Fortra, and non-profit Health Information Sharing and Analysis Center (Health-ISAC) joined forces to obtain a court order to stop cybercriminals from using Fortra and Microsoft software to facilitate malware attacks.
This court order is not the first time Microsoft has sought legal action against threat actors. In 2021, a federal court in Virginia enabled the DCU to seize websites being leveraged by China-based hacking group Nickel. “These court orders disrupt current activity and can provide some relief until these cybercriminals pivot their tactics and infrastructure,” says Paige Peterson Sconzo, director of healthcare services with Redacted, a cybersecurity services company.
Read full article in InformationWeek here:
https://www.informationweek.com/security-and-risk-strategy/microsoft-teams-up-to-take-legal-action-against-cybercriminals
- Related Resources & News
- Health-ISAC whitepaper highlights cybersecurity responsibilities in medical device lifecycle, focuses on resilience
- Health-ISAC Hacking Healthcare 2-3-2025
- Exploring the Cybersecurity Roles of Manufacturers and Healthcare Organizations During the Medical Device Lifecycle
- Impacts of Proposed US Import Tariffs on the Global Health Sector
- NY Blood Center Attack Disrupts Suppliers in Several States
- 2025 Newsletter – February
- DeepSeek’s Security Risk Is A Critical Reminder For CIOs
- $6.4m to combat health sector cyber threat
- Threat Bulletin: SimpleHelp RMM Software Leveraged in Exploitation Attempt to Breach Networks
- EU Commission Calls for Health Sector ‘Cyber Action Plan’