Why the FBI Hacked Hundreds of Computers
It almost sounds like a conspiracy theory. This week, the FBI announced that it hacked hundreds of servers around the US, remotely executing code on the machines.
But it’s very real. In fact, the Justice Department itself made the announcement, and received court authorization to do this.
The whole thing sounds very strange. But it turns out the hack had a very specific purpose: to protect these computers from the very same exploit the FBI was using to hack into them.
See, back in January, a security testing firm told Microsoft there was a major vulnerability in Microsoft Exchange Server, an email and calendar management program that’s used in servers around the world.
Now known as Hafnium, the exploit allowed hackers to run whatever code they wanted on the target’s machine. Since the vulnerability was in servers, we’re not talking your average run-of-the-mill user here — the targets were the computers used to run emails and other services for businesses and government organizations. So, arguably much worse.
Microsoft finally released patches to fix the problem on March 2. But for tens of thousands of computers, it was too late — by March 3, they were already infected with viruses that gave hackers back door access to the machines. Within a couple of days, that number had grown to hundreds of thousands around the world.
According to the Justice Department, fixes were installed on thousands of servers in the US. But we’ve all been guilty of waiting a little too long to install security updates, and apparently server owners are no different — hundreds of machines were still compromised.
So the FBI decided to step in. They accessed the unpatched machines using the same exploit as the bad guys — but instead of giving themselves a back door, they just wiped the hackers’ back door.
To be clear, this is not business as usual. It’s possible this has never been done by the US government before — certainly not openly. As for whether they plan to use this strategy again in the future? Well, we’ll just have to wait and see.