Hacking Back: Industry Reactions to Offensive Security Research
“Companies not prepared to deal with the consequences of attempting to penetrate attacker infrastructure should stay far away from retaliation. The attackers have nothing to lose and you may encourage escalation. A DDoS attack can quickly grow from annoyance to crippling. Attackers may decide to release personal information about company executives and their families. If extortion is involved, the attackers may decide that your attempts to “hack back” increase the price to go away. Depending on location, you may be violating local laws and put yourself into the attacker category.
One has to ask, “what’s the goal?”, “what do you gain by penetrating the attackers’ infrastructure?”. If you were successful, what next? If you manage to take down infrastructure, have you stopped the threat? Is the end game to reveal the attackers? At least law enforcement has the ability to ultimately intervene at a physical level. If you can’t stop the people, they will just set up new infrastructure.” writes Jason Lewis, Chief Collection Officer, LookingGlass.
Excerpted from full article: http://www.securityweek.com/hacking-back-industry-reactions-offensive-security-research