The FBI Can Covertly Access Your Computer

As fallout from the devastating and extensive breach of Microsoft's Exchange email software, the FBI now has the authority to access privately owned computers without their owners’ knowledge or consent and to delete software. This is part of the US government's effort to contain the continuing attacks on corporate networks running Microsoft Exchange.

This unprecedented intrusion is raising legal questions about just how far the government can go. The US has been trying out active defense against hackers.

The software the FBI is deleting is malicious code installed by hackers to take control of a victim’s computer. Hackers have used the code to access vast amounts of private email messages and to launch ransomware attacks.

On April 9, the United States District Court for the Southern District of Texas approved a search warrant allowing the US Department of Justice to carry out the operation. The authority the Justice Department relied on and the way the FBI carried out the operation set important precedents. They also raise questions about the power of courts to regulate cybersecurity without the consent of the owners of the targeted computers, according to homelandsecuritynewswire.com.

Public-private cooperation is critical for managing the wide range of cyber threats facing the US. But it poses challenges, including determining how far the government can go in the name of national security. It’s also important for Congress and the courts to oversee this balancing act.

Since at least January 2021, hacking groups have been using zero-day exploits, meaning previously unknown vulnerabilities, in Microsoft Exchange to access email accounts. The hackers used this access to insert web shells, software that allows them to remotely control the compromised systems and networks.

Tens of thousands of email users and organisations have been affected. One result has been a series of ransomware attacks, which encrypt victims’ files and hold the keys to decrypt them for ransom.

What makes this case unique is both the scope of the FBI’s actions to remove the web shells and the unprecedented intrusion into privately owned computers without the owners’ consent. The FBI undertook the operation without consent because of the large number of unprotected systems throughout US networks and the urgency of the threat.

Sources: Patch, MarketWatch, I-HLS, The Conversation
