US mulls new tactics to stem wave of cyberattacks

US mulls new tactics to stem wave of cyberattacks

WASHINGTON - As hacking attacks reach epidemic proportions, the US cybersecurity community is looking at new ways to step up defence, including counterattacking the hackers themselves.

US cybersecurity firms have begun unprecedented levels of cooperation to shore up America's key computer networks, and some experts argue in favour of "hacking back," or using offensive tools to improve defence.

Last month, dozens of cybersecurity firms and partners pooled resources in an effort to root out malware believed to originate from a Chinese state-sponsored group, dubbed Axiom.

"We wanted to make absolutely sure we did something that caused them some level of pain," said Zachary Hanif at iSight Partners, one of the cybersecurity firms involved in the operation.

Although the operation stopped short of "hacking back," the coordination aimed to "throw a large wrench into their engine," according to iSight's Brian Bartholomew, by coordinating defence to remove malicious software from and fortify defences. The group cleaned up some 43,000 infections over two weeks.

Some experts argue tougher defence is not enough, and that some kind of offensive action is needed to halt the worst attacks in cyberspace.

Stewart Baker, a former assistant secretary of homeland security who now practices law in Washington, argues that limited "hacking back" could be justified, even though the legal issues are unclear.

Morally justified? 

Baker said any actions a company takes outside its own network could be viewed as illegal, but there is a strong case to be made for reaching out to networks of third parties used by hackers to transit stolen data.

"I think you are morally justified for sure" in taking such actions, Baker told AFP. "And I think the probability of being prosecuted is very low."

Baker said if a firm can locate its stolen data and has a way to recover it, "they would be crazy not to."

"They can't wait for the government to get a court order. By the time that happened, everything is going to be gone."

But going beyond that, such as seeking to take out a hacker network, would mean "taking on risks" of legal liability.

US Justice Department guidelines caution against any retaliation.

Baker said the guidelines "don't quite say it's illegal, they say it's a bad idea."

A 2013 presidential commission report on intellectual property theft suggested some types of retaliatory actions should be legal.

More about

Purchase this article for republication.



Your daily good stuff - AsiaOne stories delivered straight to your inbox
By signing up, you agree to our Privacy policy and Terms and Conditions.