IOEKTA | Creative Unity

Cyber vigilantism

Hot on the heels of Sony hack american business community debates revenge hacking tactics to fend off attacks by cyber criminals.

Under U.S. law, as is also the case in most other nations, it is illegal to fight back hackers by exploiting similar methods, often aiming at either to shut down their systems or to retrieve stolen information.

A 30 years old U.S. Computer Fraud and Abuse Act, forbids U.S. companies from accessing external computers to overload servers to retrieve stolen information or even to stop an impending attack.

When, in 2012, the U.S. government named Iran as a culprit behind the hacking of some of the country’s largest banking institutions, it was reported that the official of one of the banks proposed that the banks hit back by taking down the Iranian servers.

After Sony hack the businesses have grown even more frustrated with the inability of government agencies to prevent such large scale incidents.

A recent McAfee report found that hackers and other cyber criminals are responsible for the loss of $375 billion – $575 billion each year, according to a June 9 McAfee report and that more than 800 million people worldwide had their private information stolen in the past year.

The report takes into account losses on intellectual property and confidential business and financial information, cyber theft, loss of consumer trust, service disruptions, network security costs, insurance costs, recovery from cyber attacks, and reputational damage to companies.

Despite running expensive security systems businesses remain vulnerable to cyber hacking.

However resorting to cyber vigilantism does not seem to be a right answer to the woes of troubled companies. Often it is impossible to tell what will be the fall out of the servers abroad getting hit with retaliation as many legitimate stakeholders might be relying on the targeted server.

Hence, a number of observers has called for creating a framework that would let government agencies deal in a much faster manner with hacking threats when businesses ask for help.