In a collaborative effort led by Fortra, Microsoft’s Digital Crimes Unit (DCU), and the Health Information Sharing and Analysis Center (ISAC), significant progress has been made in curtailing access to weaponized versions of the potent hacking tool Cobalt Strike. Through this initiative, access to these malicious tools has been diminished by a staggering 80%.
One of the key achievements of this initiative was the significant reduction in dwell time, which refers to the period between the initial detection and the takedown of malicious activities. In the United States, the average dwell time has been cut down to less than one week, while globally it stands at less than two weeks.
Operation MORPHEUS, the culmination of a three-year investigation, was spearheaded by the UK’s National Crime Agency and supported by Fortra and law enforcement agencies across seven countries, and it marked a pivotal moment in the fight against cybercrime. The operation identified 690 IP addresses linked to criminal activities, of which 593 were successfully taken down.
In addition to these accomplishments, the campaign has adopted a multi-pronged approach to disrupting cybercriminal activities. This includes sinkholing over 200 malicious domains to prevent further exploitation, continued efforts to take down malicious entities, strengthening security controls for Cobalt Strike, and engaging in public-private partnerships to combat the unauthorized distribution of cyber intrusion tools.
Furthermore, Fortra has joined the Pall Mall Process, an international effort aimed at developing regulations to combat the unauthorized distribution and usage of commercial cyber intrusion tools. The group has also been actively sharing its disruption techniques through conferences and webinars to empower other security providers to engage in similar partnerships.
While the progress made so far is commendable, the campaign recognizes that this is only the beginning. Future efforts will focus on refining automation processes and proactively tracking malicious activities. Partners involved in this initiative have committed to providing ongoing support to law enforcement agencies worldwide.
In conclusion, the collaborative efforts led by Fortra, Microsoft’s DCU, and ISAC have proven to be effective in reducing access to weaponized versions of Cobalt Strike and combating cybercriminal activities. With a concerted focus on ongoing efforts and future initiatives, the fight against cybercrime continues to evolve and adapt to the ever-changing landscape of cybersecurity threats.