The high-profile breach, which Microsoft last month blamed on China, has reportedly affected at least 60,000 victims globally. Microsoft has since worked furiously to rectify Exchange’s vulnerabilities while Washington pleads for organisations to patch up. Clearly, US authorities concluded that voluntary patching simply wasn’t enough. The Department of Justice (DOJ), which oversees the FBI, said the operation successfully “removed one early hacking group’s remaining web shells which could have been used to maintain and escalate persistent, unauthorised access to US networks.”
— FBI (@FBI) April 14, 2021 It added, “The FBI conducted the removal by issuing a command through the web shell to the server, which was designed to cause the server to delete only the web shell (identified by its unique file path).” But was this drastic move of accessing private computers justified? The DOJ noted that the backdoors that the FBI removed each had a unique file path and name. So individual server owners could’ve found them hard to detect and squash.
The DOJ did say that the FBI would attempt to notify all owners or operators of the computers affected by the operation. Still, this raises all sorts of questions about privacy. The US has souring relations with China and Russia – the two countries most blamed for large-scale hackings in America. So you can bet we’ll be seeing more of these operations in the future. (Source: The US Department of Justice. Header image: FBI / Facebook.)
