U.S. Attorney General Merrick Garland arrives to address the staff on his first day at the Department of Justice March 11, 2021 in Washington, DC. The decision by Justice to dismantle ‘hundreds’ of web shells installed using Exchange Server vulnerabilities is being hailed as a landmark use of a new authority. (Photo by Kevin Dietsch-Pool/Getty Images)

The decision by the Department of Justice announced Tuesday to dismantle ‘hundreds’ of web shells installed using Exchange Server vulnerabilities, mitigating the threat to private servers in bulk, is being hailed as a landmark use of a new authority. But the move also invited concern among some in the cybersecurity community about the lack of any clear standard for when and how government may hack private systems.

A widely adopted patch had already been available for the servers, which are believed to be breached by Chinese espionage groups Microsoft dubbed “Hafnium” and separate criminal groups. But the patch only closed the vulnerability used to install the web shells, not delete web shells already installed. The DoJ, with a court order, removed those shells. 

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.