A survey from security firm nCircle suggests that retaliatory hacking is not universally frowned upon.
In a poll of 181 attendees of the Black Hat USA 2012 conference in Las Vegas, nCircle asked "Have you ever engaged in retaliatory hacking?” Sixty-four percent said "never," 23 percent said "once," and 13 percent said "frequently."
While more than a third responded in the affirmative, Tim 'TK' Keanini, CTO of nCircle, said the true percentage may be even higher.
“Retaliatory hacking is a huge topic at Black Hat this year, but we should take these survey results with a grain of salt,” he said in a statement. “It’s safe to assume some respondents don’t want to admit they use retaliatory tactics. It’s very tempting to strike back out of anger and frustration. However, as infuriating as cyber criminals can be, this ‘eye for an eye’ code of justice can be extremely dangerous.
“There’s a huge difference between a security expert who can qualify attackers and apply appropriate responses and a neophyte who reacts blindly," he added. "The best strategy for most companies is to forget retaliation and concentrate on improving their defenses.”