Last week the US Department of Justice revealed how the FBI had worked to remove malicious web shells from hundreds of computers in the United States that were running vulnerable versions of Microsoft Exchange Server. While the move will have helped keep many organisations secure, it has also raised questions about the direction of cybersecurity.
Earlier this year, four zero-day vulnerabilities in Microsoft Exchange Server, which were being actively exploited by a nation-state-backed hacking operation, were uncovered. Microsoft released a critical security update to protect Exchange Server customers from cyberattacks exploiting the vulnerabilities in March, but a significant number of organisations have yet to apply the security patch.
This leaves them vulnerable to cyberattacks from a range of online attackers including nation-state groups, ransomware gangs, cryptojackers and other cyber-criminal groups that have rushed to exploit the Exchange vulnerabilities.