Feds: Offensive cyber operations vs China, Russia justified

Offensive cyber operations conducted by the U.S. have been touted by FBI and Justice Department officials as crucial in disrupting Chinese threat operation Hafnium and Russia’s Cyclops Blink botnet over the past two years, reports The Record, a news site by cybersecurity firm Recorded Future.

“The Bureau and DOJ [have] been criticized publicly about those actions because its an overstep of privacy, but I think its important to understand what’s behind them. In all these scenarios, we published multiple cybersecurity advisories in tandem with the mitigation and remediation guidance from the affected vendor,” said FBI Cyber Division Assistant Director Bryan Vorndran.

Vorndran added that the operations, which in the case of Hafnium involved base infrastructure infiltration and in the case of Cyclops Blink entailed malware removal from edge routers, resulted in a significant decline in victims.

Meanwhile, Justice Department Deputy Assistant Attorney General Adam Hickey emphasized that both offensive cyber operations were done as a last resort.

“We tend to use them when merely sharing information with the private sector or public isn’t enough to help people clean up the malware on their computers,” added Hickey.