Industry Reactions to FBI Cleaning Up Hacked Exchange Servers: Feedback Friday
Friday, April 16, 2021
U.S. authorities revealed this week that the FBI executed a court-authorized cyber operation to remove malicious web shells from hundreds of compromised Microsoft Exchange servers located in the United States.
Ilia Kolochenko CEO, Founder and Chief Architect, ImmuniWeb: “It’s a wise move given that exposed web shells clearly indicate that server owners are either unaware of the server existence or are grossly negligent having unpatched and compromised system exposed to the Internet. Hacked servers are actively used in sophisticated attacks against other systems, amplify phishing campaigns and hinder investigation of other intrusions by using the breached serves as chained proxies.
Thus, arguably, such preventive removal may be considered a legitimate self-defense in cyberspace. In any case, neither hackers nor server owners will probably complain or file a lawsuit for unwarranted intrusion. What is interesting, is whether the FBI later transfers the list of sanitized servers to FTC or state attorney generals for investigation of bad data protection practices in violation of state and federal laws.” Read Full Article
ComputerWeekly: NEC, LogicMonitor and ImmuniWeb bolster channel numbers
IT PRO: FBI shuts down web shells in hacked Exchange servers