A recent rule by the Supreme Court has given the FBI authority to hack your computer if it is inadvertently part of a criminal botnet. Recent changes to a procedural rule known as Rule 41 allows the FBI to obtain a search warrant to use “network investigative techniques” or NIT (or more commonly called hacking) to search computers engaged in criminal activity anywhere in the world. This includes innocent computer users whose computers may be part of a botnet used by cyber-criminals for criminal activities.
Previously, a search warrant obtained under Rule 41 had to be issued by a judge in the jurisdiction where the computer was physically located. This change was made because it is often difficult or impossible to know the actual location of a computer if it is using anonymizing technologies such as the TOR network, a VPN, or other proxy or encryption services.
According to civil libertarian Senator Ron Wyden, this would give the government authority to “search thousands or millions of computers at once,” including those computers belonging to “the victims, not the perpetrators, of cyber-crime.”
The Open Technology Group (OTI) is opposing this rule change on the grounds that the Congress has never enacted legislation allowing for this level of government surveillance.
“Whatever euphemism the FBI uses to describe it – whether they call it a “remote access search” or a “network investigative technique” – what we’re talking about is government hacking, and this obscure rule change would authorize a whole lot more of it.
… Like wiretapping, hacking is uniquely invasive compared to regular searches and raises serious issues under our Fourth Amendment, which protects us from unreasonable searches. Unlike wiretapping, however, Congress has never authorized government hacking nor established protective rules for the road to ensure it’s not abused.”
The Electronic Frontier Foundation (EFF) has also come out against this rule change.
Yet again here is another attack on our rights under the Constitution justified because the FBI wants easier ways to pursue criminals. This is an issue you may want to take up with your own Senator and Congressman, unless of course yours is Dianne Feinstein.
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com