Not updating your critical software? The FBI might just do it for you.
The FBI has begun quietly accessing hundreds of American computers hacked through Microsoft’s Exchange email program, removing malicious code that the hackers left behind.
The operation, which the Department of Justice announced Tuesday it had authorized with a warrant, highlights the severity of the Exchange vulnerability, which has allowed scores of hackers to break into organizations since the beginning of the year.
But it also raises concerns about the FBI’s jurisdiction when remedying cyberattacks against Americans.
In some major stings against botnets — giant armies of hacked computers that a hacker will direct to act as a group, often as part of criminal operations — the FBI will hack victims’ computers to remove the code that makes the computers unwilling perpetrators. But the agency’s reaction to the Exchange hack is an example of a far rarer phenomenon: actively removing malicious code from Americans’ computers simply to help them.
Microsoft announced at the beginning of March that hackers working for the Chinese government had been exploiting flaws in the code of Exchange, its program that allows organizations to run their own email servers, to break into computers running that program. As Microsoft and other cybersecurity researchers began working on a fix, the vulnerability seemed to go viral among hackers, and a wide range of them began exploiting the vulnerability all over the world.