Microsoft takes on Russian hackers while White House remains ambivalent

Despite the White Houses reluctance to hold Russia fully accountable for meddling in the 2016 US election, Microsoft has taken it upon themselves to begin counter measures to mitigate the power of associate Russian GRU’s Fancy Bear hacking group.

Fancy Bear has been linked to Russia’s covert military intelligence agency on occasion and is believed to be the operating force behind last years Democratic National Convention hack.

Fancy Bear has been conducting cyber espionage since at least 2007, breaching NATO, Obama’s White House, a French television station, the World Anti-Doping Agency and countless NGOs, and militaries and civilian agencies in Europe, Central Asia  and the Caucasus.  Fancy Bear’s most notorious intrusions targeted the Democratic National Committee and the Hillary Clinton campaign last year, as part of Moscow’s efforts to help Donald Trump win the White House, according to U.S. intelligence findings.

However, unlike in the movies, battling Fancy Bear hackers won’t put Microsoft behind a monitor and keyboard chasing code across command prompt screens.

Instead, as The Daily Beast is reporting, Microsoft has been slowly building a legal case to bring Fancy Bear into court for reserving domain names that infringed on the company’s trademark. Admittedly, less thrilling than glamorized cyber terrorism seen on screen, Microsoft’s approach has already produced substantive results.

As of The Daily Beast’s reporting, Microsoft has managed to seize roughly 70 Fancy Bear domains used to conduct presumably nefarious acts such as injecting malware on computers and proliferating the spread of fake news onto social media sites.

Furthermore, seized domains allow Microsoft an interception point as Fancy Bear’s server network relays information to now Microsoft controlled domains. Microsoft’s ability to become the man in the middle now enables the company jump in and disrupt future foreign attacks or hacks when observed.

In other words,” Microsoft outside counsel Sten Jenson explained in a court filing last year,  “any time an infected computer attempts to contact a command-and-control server through one of the domains, it will instead be connected to a Microsoft-controlled, secure server.”

As an embattled and courtroom tested company Microsoft’s approach of legal seizure seems well within the company’s purview as well as seemingly coming as a bit of a surprise to the less legally resourceful methods of hackers.

It will be interesting to see how much damage Microsoft can inflict before the hackers alter their methods.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s