Cyberside Chats: Cybersecurity Insights from the Experts

When the FBI Becomes Your IT Department

Listen Later

In this episode of Cyberside Chats, we explore the FBI’s daring takedown of PlugX malware. By commandeering the malware’s command-and-control infrastructure, the FBI forced PlugX to uninstall itself from over 4,200 devices globally. This bold move echoes similar actions from 2021, such as the removal of malicious web shells from Exchange servers.

We unpack the legal, ethical, and operational implications of these law enforcement actions and provide actionable advice for IT and security leadership to prepare for similar events.

Key topics include:

  • How the FBI executed the PlugX takedown and what it means for organizations.
  • The risks and benefits of law enforcement hacking into private systems to mitigate threats.
  • Preparing for potential third-party access to your network by “authorized” actors like law enforcement or tech vendors.

    • Takeaways:

    • Be aware that “authorized” third parties, such as law enforcement or Microsoft, may access your computers if they’re part of a botnet.
    • Monitor threat intelligence feeds so you’re informed when events like these occur.
    • Proactively communicate with your ISP about their processes for responding to law enforcement notifications.
    • Ensure your contact information is current with your ISP and DNS registrars to avoid communication gaps.
    • Review and update your incident response (IR) and forensics plans to account for potential third-party access.
    • Include scenarios involving third-party access in your tabletop exercises to improve preparedness.

      • Resources:

      “FBI Hacked Thousands of Computers to Make Malware Uninstall Itself”

      “The Microsoft Exchange Server Hack: A Timeline”

      “Taking Down the Waledac Botnet (The Story of Operation b49)”

      Have thoughts or questions about this episode? Contact us to discuss this and more with other cybersecurity professionals.

      #cybersecurity #PlugX #PlugXhack #hack #hacker

      ...more
      View all episodesView all episodes
      Download on the App Store
      Cyberside Chats: Cybersecurity Insights from the ExpertsBy Chatcyberside
      • 5
      • 5
      • 5
      • 5
      • 5

      5

      2 ratings

      More shows like Cyberside Chats: Cybersecurity Insights from the Experts

      View all
      No Agenda Show by Adam Curry & John C. Dvorak

      No Agenda Show

      5,951 Listeners

      Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

      Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

      370 Listeners

      The DSR Network by The DSR Network

      The DSR Network

      1,760 Listeners

      Conspirituality by Derek Beres, Matthew Remski, Julian Walker

      Conspirituality

      2,037 Listeners

      What Rough Beast by Virginia Heffernan and Stephen Metcalf

      What Rough Beast

      61 Listeners