The FBI Can Covertly Access Your Computer

As fallout from the devastating and extensive breach of Microsoft's Exchange email software, the FBI now has the authority to access privately owned computers without their owners’ knowledge or consent and to delete software. This is part of the US government's effort to contain the continuing attacks on corporate networks running Microsoft Exchange.

This unprecedented intrusion is raising legal questions about just how far the government can go. The US has been trying out active defense against hackers.

The software the FBI is deleting is malicious code installed by hackers to take control of a victim’s computer. Hackers have used the code to access vast amounts of private email messages and to launch ransomware attacks.

On April 9, the United States District Court for the Southern District of Texas approved a search warrant allowing the US Department of Justice to carry out the operation. The authority the Justice Department relied on and the way the FBI carried out the operation set important precedents. They also raise questions about the power of courts to regulate cybersecurity without the consent of the owners of the targeted computers, according to homelandsecuritynewswire.com.

Public-private cooperation is critical for managing the wide range of cyber threats facing the US. But it poses challenges, including determining how far the government can go in the name of national security. It’s also important for Congress and the courts to oversee this balancing act.

Since at least January 2021, hacking groups have been using zero-day exploits, meaning previously unknown vulnerabilities, in Microsoft Exchange to access email accounts. The hackers used this access to insert web shells, software that allows them to remotely control the compromised systems and networks.

Tens of thousands of email users and organisations have been affected. One result has been a series of ransomware attacks, which encrypt victims’ files and hold the keys to decrypt them for ransom.

What makes this case unique is both the scope of the FBI’s actions to remove the web shells and the unprecedented intrusion into privately owned computers without the owners’ consent. The FBI undertook the operation without consent because of the large number of unprotected systems throughout US networks and the urgency of the threat.

Patch: MarketWatch: I-HLS: The Conversation
