A new survey of Black Hat attendees shows many are not afraid to fight back against hackers with their own tactics.
The legalities of cyberspace can be complex – particularly when organizations consider whether offense is the best defense.
Nevertheless, the subject of just where the line is came up in more than one talk at the Black Hat USA conference in Las Vegas. During his presentation, Robert Clark, operational attorney for U.S. Cyber Command, laid out this scenario: you are a system administrator, and poor security practices lead to theft of intellectual property on your watch.
“What…is my first thought – if I pick up the phone and call the CEO, I’m freaking fired,” he said. “I’m out of a job. So what can I do?”
While it might be tempting to dig through your organization's logs, track the data theft to its source and delete the files off the server, that action can be fraught with legal dangers, he explained. For example, accessing the server could be a violation of the Computer Fraud and Abuse Act, he noted.
“So you’re in there, and you see your files there…I’ve got to elevate my privileges to delete [the files] off of there…. congratulations, count two of the Computer Fraud Abuse Act,” he said.
Earlier this week, nCircle polled 181 people at the Black Hat conference in Las Vegas and discovered 36 percent said they engaged in retaliatory hacking in the past. “There’s a huge difference between a security expert who can qualify attackers and apply appropriate responses and a neophyte who reacts blindly,” said nCircle CTO Tim ‘TK’ Keanini. “The best strategy for most companies is to forget retaliation and concentrate on improving their defenses.”
During his presentation at Black Hat, former FBI Assistant Director Shawn Henry argued that organizations needed to “step up” in the fight against cyber-criminals – but added that he did not mean cyber-retaliations should be in play. Instead, organizations should focus on gathering intelligence that can be used to both catch and defend against attackers.
“We need to understand who the adversary is, because if we understand who they are, we can take proactive measures,” said Henry, who today is president of CrowdStrike Services, an arm of security startup CrowdStrike.
While more than a third responded to the company’s survey stating that they had either hacked back once (23 percent) or frequently (13 percent), Keanini said the actual percentage may be even higher.
“Retaliatory hacking is a huge topic at Black Hat this year, but we should take these survey results with a grain of salt,” he said. “It’s safe to assume some respondents don’t want to admit they use retaliatory tactics. It’s very tempting to strike back out of anger and frustration. However, as infuriating as cyber criminals can be, this ‘eye for an eye’ code of justice can be extremely dangerous.”
