The decision by the Department of Justice announced Tuesday to dismantle ‘hundreds’ of web shells installed using Exchange Server vulnerabilities, mitigating the threat to private servers in bulk, is being hailed as a landmark use of a new authority. But the move also invited concern among some in the cybersecurity community about the lack of any clear standard for when and how government may hack private systems.
A widely adopted patch had already been available for the servers, which are believed to have been breached by Chinese espionage groups Microsoft dubbed “Hafnium” and by separate criminal groups. But the patch only closed the vulnerability used to install the web shells; it did not delete web shells already installed. The DoJ, with a court order, removed those shells.