Been Hacked? It Might Have Been The FBI

hacked by fbi

Hacking will be a problem for as long as the internet and mass communication exists. To put that another way, hacking is going to be a problem forever. The networks of the future are going to get bigger rather than smaller, and we’ll all grow ever more digitally connected with each passing year. That means the rewards for successful malicious hacking activity grow bigger, and the incentive to become involved in such nefarious activities grows bigger with them.

Anybody can be a victim of hacking. Being rich or famous or having privileged access to a company with enormous resources makes you a bigger target, but hackers will happily attack and compromise any system they can gain access to. They treat it almost as if they’re playing online slots. Ask any online slots player at Rose Slots IE, and they’ll tell you that they don’t resent the money they lose on unsuccessful bets because each bad bet gets them one step closer to the next good one. Hackers share the same belief. They’ll hack 100 targets and steal nothing worthwhile from 99 of them so long as that one in a hundred gets them what they want. The prizes they get for doing so tend to be worth far more than anything you’ll get from an online slots website, too.

When hacking is carried out on such an enormous scale that it poses a threat to national security, government agencies are compelled to get involved. This month, the FBI has taken the shocking and unprecedented step of hacking thousands of computers in an attempt to protect them from the threat posed by the Hafnium hack. According to some (but not all) sources, the Hafnium hackers belong to a Chinese state-sponsored group. If that’s true, the mass hack could be classed as a digital act of war against the United States of America, with the FBI acting as the country’s first line of defence. As the FBI didn’t get specific permission from the individuals affected by the Hafnium attacks before going about their white-hat hacking activities, there’s an outside chance you might have been “visited.” In other words, there might have been an American government agent inside your computer without your knowledge!

Before you start panicking about what the government might have seen, you’re only likely to have been a victim of Hafnium if you’re a Microsoft Exchange Server customer. The nature of the sustained assault left backdoors in Exchange Servers that could, in theory, have remained there indefinitely. In layman’s terms, it means that anyone who had been attacked by Hafnium may have been left with a gaping hole in their security that another attacker could have used at a later date. This is obviously a terrifying prospect, but it prompted some creative thinking from the FBI’s finest technical minds. After considering the scale of the problem, they decided the best way to proceed was to use the hackers’ tools against them.

After creating a (hopefully) comprehensive list of compromised servers, the FBI applied for and was granted a court order to remotely access them using the same vulnerabilities that were created by the hack attacks. After receiving approval, the agency accessed the backdoors and told them to shut themselves down and then delete themselves. All of the necessary work was done remotely. The FBI says that no private user data was observed, accessed, or otherwise interacted with by an FBI agent during the course of this action.

The FBI hasn’t yet provided confirmation to the owners of the Microsoft Exchange Servers that they’ve taken this action. The Justice Department is yet to decide whether notification ought to be given after the event. If you have a Microsoft Exchange Server, you may have been hacked by both Hafnium and the FBI within the past month, the problem has since been dealt with, and you’re none the wiser. This is the first time a hacking problem has been addressed in this way and might set a precedent for how large hacks are dealt with and defended against in the future. If the FBI is given free rein to go ahead with plans like this, it would probably be bad news for international hackers. Still, it’s unlikely to be seen as a positive development by privacy campaigners.

Microsoft was slow to respond to the initial attack, which is part of the reason that the FBI felt compelled to act. By the time the government department launched its unorthodox fix, thousands of users had already applied patches to take care of the vulnerability. Those self-applied patches won’t have been affected by anything the FBI has done. Microsoft finally got around to releasing a new security update at the start of the second week of April, which should do away with the vulnerability for good. As is always the case with organised hackers, though, this is more of a reprieve than a solution. The black-hat hackers will already be looking for the next chink in the armour, and Microsoft’s experts will already be trying to anticipate their next move. It’s a never-ending game of chess.

This development opens up a new front for the FBI. While the activities of international hacking groups were already of interest to them, this is the first time we’ve seen the agency get involved with the cure rather than focusing purely on prevention. Taking this action creates an expectation that if there’s an attack that compromises the systems of thousands of Americans in the future, they’ll step in to solve the problem again. The “I” in FBI stands for “Investigation” rather than “information technology,” but as the lines between physical crime and cybercrime become ever more blurred, they might find themselves providing more IT support in the future. There probably isn’t such a thing as having too much help in the effort to keep hackers and third parties out of your computer networks, but there’s something a little unsettling about the idea that the FBI might wade in uninvited if they think they have a just cause to do so. Pay close attention the next time you see your computer behaving strangely. It’s probably nothing – but it might just be the FBI keeping an eye on you.