
Implications of feds’ disruption of Cyclops Blink examined

The US Justice Department was able to disrupt the Cyclops Blink botnet, operated by the Russian state-sponsored Sandworm hacking group, as a result of a search warrant that enabled the FBI to remotely access computers without owner permission under a 2016 amendment to Rule 41, according to CyberScoop. While the changes six years ago have made it easier to crack down on botnets, the disruption of Cyclops Blink also raises important legal issues and points to the need for a balance between private property rights and national security, said Scott Shackleford, a law professor and the director of the Ostrom Workshop Program on Cybersecurity and Internet Governance at Indiana University. "Under this authority the FBI could hack into computers at will, and without the need for a specific search warrant," said Shackleford, who also expressed concern about the precedent the case could set for potentially more drastic actions by other law enforcement agencies. However, the case also indicates the increasing partnership between the federal government and the private sector in taking down malicious actors, said Mark Bini, a lawyer at the firm Reed Smith, who noted that the Cyclops Blink takedown occurred at nearly the same time that Microsoft announced its disruption of another Russian state-backed hacking group's infrastructure.
