SecurityWeek

Black Hat: Hacking Back – The Best Defense May Not be the Best Offense

Black Hat 2012

A new survey of Black Hat attendees shows many are not afraid to fight back against hackers with their own tactics.

The legalities of cyberspace can be complex – particularly when organizations consider whether offense is the best defense.

Nevertheless, the subject of just where the line is came up in more than one talk at the Black Hat USA conference in Las Vegas. During his presentation, Robert Clark, operational attorney for U.S. Cyber Command, laid out this scenario: you are a system administrator, and poor security practices lead to theft of intellectual property on your watch.

“What…is my first thought – if I pick up the phone and call the CEO, I’m freaking fired,” he said. “I’m out of a job. So what can I do?”

While it might be tempting to dig through your organization’s logs, track the data theft to its source and delete the files off the server, that action can be fraught with legal dangers, he explained. For example, accessing the server could be a violation of the Computer Fraud and Abuse Act, he noted.

“So you’re in there, and you see your files there…I’ve got to elevate my privileges to delete [the files] off of there…. congratulations, count two of the Computer Fraud Abuse Act,” he said.

Earlier this week, nCircle polled 181 people at the Black Hat conference in Las Vegas and discovered 36 percent said they engaged in retaliatory hacking in the past. “There’s a huge difference between a security expert who can qualify attackers and apply appropriate responses and a neophyte who reacts blindly,” said nCircle CTO Tim ‘TK’ Keanini. “The best strategy for most companies is to forget retaliation and concentrate on improving their defenses.”

During his presentation at Black Hat, former FBI Assistant Director Shawn Henry argued that organizations needed to “step up” in the fight against cyber-criminals – but added that he did not mean cyber-retaliations should be in play. Instead, organizations should focus on gathering intelligence that can be used to both catch and defend against attackers.

“We need to understand who the adversary is, because if we understand who they are, we can take proactive measures,” said Henry, who today is president of CrowdStrike Services, an arm of security startup CrowdStrike.

While more than a third of respondents to the company’s survey said they had hacked back either once (23 percent) or frequently (13 percent), Keanini said the actual percentage may be even higher.

“Retaliatory hacking is a huge topic at Black Hat this year, but we should take these survey results with a grain of salt,” he said. “It’s safe to assume some respondents don’t want to admit they use retaliatory tactics. It’s very tempting to strike back out of anger and frustration. However, as infuriating as cyber criminals can be, this ‘eye for an eye’ code of justice can be extremely dangerous.”
