Court Order Allows FBI to Close Backdoors on Hundreds of Third-Party Exchange Servers

The media reported yesterday that a Texas court recently allowed the FBI to access third-party email servers through the Internet, for the purpose of removing backdoors left by hackers over the past weeks. The goal: eliminate backdoors left in Exchange servers after hackers exploited recently discovered vulnerabilities. This is a first, as American authorities are dealing with cyberattacks that seem to grow more and more sophisticated, in part because of state-sponsored hackers from abroad, in particular from China.

As you may remember, since March, criminal hackers have been using four vulnerabilities that allow them to penetrate email servers running Exchange and, among other things, access emails. The resulting intrusions also allowed hackers to obtain trade secrets and install ransomware on the computer systems of some companies.

Even though Microsoft has updated Exchange since, many businesses have yet to implement the updates. Worse yet, even companies that do patch their servers may still be exposed, as their networks may have been penetrated in a manner that allowed intruders to install backdoors that remain, even after the Exchange server has been updated to remove the four vulnerabilities at issue.

To help American businesses deal with this problem, the Justice Department recently obtained a court order allowing the FBI to access servers on which backdoors were so installed, through the Internet, so as to eliminate those backdoors. This is a good example of the perceived need, for law enforcement, to be allowed to start using legal means that go beyond simply enforcing the law, opting for a more proactive approach. To my knowledge, Canadian authorities have yet to go this far in their attempt to tackle cybersecurity issues.