This includes using a layered defense, also known as defense in depth , to make it more difficult, expensive and time-consuming to break into networks. The alternative is to go after hackers, a strategy dubbed defend forward.
Since , the U. Cyber Command personnel identified and disrupted Russian online propaganda campaigns. The Biden administration has continued this trend, coupled with new sanctions on Russia in response to the SolarWinds espionage campaign. That attack, which the U.
This new FBI action similarly pushes the envelope of active defense, in this case to clean up the aftermath of domestic breaches, though without the awareness — or consent — of the affected organizations.
The Computer Fraud and Abuse Act generally makes it illegal to access a computer without authorization. This law, though, does not apply to the government. The FBI has the power to remove malicious code from private computers without permission thanks to a change in to Rule 41 of the Federal Rules of Criminal Procedure.
This revision was designed in part to enable the U. It permits the FBI to access computers outside the jurisdiction of a search warrant. This action highlights the precedent, and power, of courts becoming de facto cybersecurity regulators that can empower the Department of Justice to clean up large-scale deployments of malicious code of the kind seen in the Exchange hack.
In , for example, the FBI made use of the expanded Rule 41 to take down a global botnet that harvested victims information and used their computers to send spam emails.
One is the question of liability. Another issue is how to balance private property rights against national security needs in cases like this.
What is clear, though, is that under this authority the FBI could hack into computers at will, and without the need for a specific search warrant. This statement may seem uncontroversial. Much of U. Yet companies have not always made the necessary investments to protect their customers.
Scott Shackelford is an associate professor of business law and ethics, the executive director of the Ostrom Workshop, and the cybersecurity program chair, IU-Bloomington, all at Indiana University. The Supreme Court has stopped the Biden administration from enforcing a requirement that employees at large businesses be vaccinated against COVID or undergo weekly testing and wear a mask on the job.
ET First Published: April 26, at a. ET By Scott Shackelford. Cybersecurity Mobile Policy Privacy Scooters.
Phones Laptops Headphones Cameras. Tablets Smartwatches Speakers Drones. Accessories Buying Guides How-tos Deals. Health Energy Environment. YouTube Instagram Adobe. Kickstarter Tumblr Art Club. Film TV Games. Fortnite Game of Thrones Books. Comics Music. Filed under: Tech Cybersecurity. The FBI is remotely hacking hundreds of computers to protect them from Hafnium. Linkedin Reddit Pocket Flipboard Email. Next Up In Tech.
0コメント