Alex Iftimie authored an article in Lawfare discussing the U.S. Department of Justice’s novel law enforcement operation to protect victims of state-sponsored hacking by removing malware from hundreds of victim systems in the United States that were compromised as a result of recently discovered zero-day vulnerabilities in Microsoft Exchange Server.
“The operation signals that the Justice Department is willing to take novel and increasingly robust action as part of the department’s longstanding strategy to protect American businesses and individuals from foreign cyber operations—particularly those executed by well-funded, state-sponsored actors,” Alex wrote. He added: “The operation also represents a welcome evolution in strategy. Whereas the FBI could have simply notified each of the hundreds of victims that their systems were compromised (a process that would have taken time and still left victims at risk of continued compromise), the Justice Department instead took proactive action to disable malware that was being used to infiltrate networks across the United States.”
“Although clearly rooted in legal authority, the operation goes beyond what the Justice Department had done before,” Alex added. “This appears to be the first time Justice has used criminal law authorities to access the systems of downstream victims on a wide scale to remove or disable malware.”