Hacking Back – Should We?

There has been a growing chorus of those in the business community and even some cybersecurity professionals that think we should fight fire with fire.  In other words, if we become the target of a hacker, the company should have the right to make the hacker a target.  While understanding those feelings, I am not sure vengeance should be the motivating factor for any important decision.

Vlog on the subject – see if you can spot the cameo

Recently, I came across an interview on the Government Technology Insider website and the subject of the interview was Malcolm Harkins.  The fact that I had just met Malcolm a couple of months ago is what peaked my interest.  However, the interview itself is what kept me reading.  The focus of the interview was whether hacking back is a viable strategy for cyber defense.  In the interview, Malcolm makes some greats points on the side of hacking back not being a fruitful strategy.  One point in particular was regarding attribution.  Attribution is the ability to determine the actual source of the initial attack.  This is a key element in hacking back.  You must have a mechanism to ensure you are getting back at the correct attacker.  Otherwise, you will open yourself up to some major liabilities if you cause harm to the wrong person or entity.  Hackers, as a rule, work very hard to cover their tracks, so this increases the risk of an innocent person or company being harmed by your hack back activities.

If you consider some of the most well-known hacks in recent years, you will get a better understanding of why hacking back may not be the best way to deter hackers.  Take the Target hack, they were infiltrated when the HVAC vendor connected to their network with an infected computer.  The HVAC guy didn’t know he was infected.  What if Target retaliated against the HVAC vendor?  That could have crippled that business for something they didn’t realize they did.  Innocent people would lose their jobs as a result of hacking back.  I know this may seem a bit far-fetched, but in actuality, it isn’t.  Consider this, 60% of small businesses that are hacked go out of business within 6 months.  So, we have to keep these types of scenarios in mind when we think about hacking back.

Hacking back may not be a bad idea for everyone.  Consider the government; because of their vast resources, they are able to determine with a good deal of certainty the source of hacks.  Also, because of the sheer size of our government, it would more than likely have been a state sponsored attack.  I am sure everyone is familiar with the issues with Russia and the attacks that they perpetrated.  This may be a situation where hacking back is warranted.

On the other hand, large corporations have a huge amount of resources at their disposal, and they may have the ability to attribute an attack to the correct hacker, but is this something that we want commercial businesses doing?  This could be considered modern day vigilantism.  When it comes to getting back at bad guys, it has traditionally been the role of law enforcement to handle these types of things.  Putting this new power and/or burden on corporations could lead to a wild west environment on the internet.  That is not going to help anyone in the long run.

Additionally, small businesses who typically have limited resources are certainly not going to benefit from hacking back.  According to the cybersecurity special report from Cisco Systems, 54% of hacks/breaches will cost approximately 500k including, but not limited to, loss of revenue, customers, opportunities, and out-of-pocket costs.  That figure alone would put a small business out of business.  Also, often times, small businesses lack the expertise necessary to perform defensive tasks let alone performing offensive, hacking back activities.

So, it is with that context in mind, that it is best that you invest in your company’s future by implementing good cybersecurity practices.  Here are a few tips:

  1. Invest in a standard Antivirus solution that can be managed across all of your computers and servers.
  2. Implement vulnerability management so that you understand where the holes in your defenses are and you can put together a plan to protect them.
  3. Partner with a cybersecurity firm that understands your needs and proactively spot and repair your cybersecurity issues.

If you are looking for some help in the area of cybersecurity, let CarTek help you

Click the button below and get more information on some of our services offerings that will help secure your present and ensure your future.

Add your review

Your email address will not be published. Required fields are marked *