Active Defense: Should Attack Victims 'Hack Back?'
Active Defense: Should Attack Victims 'Hack Back?'

- Premium Members Only Content - Exclusive Video -

See Also: Hide & Sneak: Defeat Threat Actors Lurking within Your SSL Traffic

In the wake of damaging cyber attacks, some organizations are looking not just to repel the attacks, but to strike back and shut down the attackers. This "hack-back" strategy - or "active defense," as it's come to be known - is controversial because of its legal implications.

In this session, two noted security/privacy attorneys discuss:

  • The argument for active defense tactics;
  • Potential consequences from collateral damage;
  • When is a 'hack-back' approach appropriate?

Background

It's an ethical dilemma for many organizations and industry associations. If you perceive or receive a cyber threat, and you know the origin of that threat, do you have the right to make a pre-emptive or retaliatory strike against the actors?

This "hack-back" strategy - or "active defense," as its proponents prefer to say, can be as simple as setting "honey pot" traps to ensnare or confuse attackers with worthless data, or as sophisticated as reverse-engineering attackers' remote access tools and then striking back at or disabling the attacking systems. However it's accomplished, active defense is controversial because of its legal implications.

In a recent panel discussion, attorneys David Navetta and Ronald Raether debated the merits of active defense.

Navetta's point: "Why, as an organization, if you can identify the source of the attack, do you need to take the harm - potentially lost revenue - when you can potentially disable the attack?"

Raether's counter: The hack-back strategy is a legal gray area. Often in these attacks, fraudsters ensnare innocent corporate and consumer PCs in their botnets. What are the legal repercussions of gaining unauthorized access to these systems, shutting them down and perhaps even damaging an innocent consumer's PC. "If that's what's being hacked into," Raether says, "you're now the equivalent of bombing Switzerland in a war."

In this session, Navetta and Raether explore the arguments for and against active defense, offering insights on:

  • How organizations such as the American Bar Association are currently approaching the topic;
  • Factors to weigh when considering an active defense stance;
  • Risks from retaliatory actions by the threat actors.


Around the Network