Photo courtesy of flowtastic via Flickr.
Is counter-hacking in the face of dangerous hacks an effective and ethical way to deal with cyber attacks?
High-profile cyber attacks in recent years have shed light on the dangers of hacking. Unfortunately, experts forecast that it is likely to become even more of an issue in the future.
By definition, the term hacking is a broad one, referring to any unauthorized access to a computer, often in order to obtain information. Motivations for hacking range from personal, to political, to monetary.
Cyber attacks are an extreme form of hacking. Perpetrated by individuals or groups upon susceptible computer systems, cyber attacks are designed to steal, alter, or destroy a specified target.
The difference is typically that ordinary hacking may infiltrate any susceptible computer, while a cyber attack is targeted, sophisticated, and, when politically motivated, may qualify as cyberwarfare.
A growing threat
According to a survey of Internet experts by Pew Research, 63 percent of respondents agreed that by 2025, the United States would likely see a major cyber attack causing widespread harm.
Though heightened security is one step to sheltering sensitive data, a recent report issued by the Commission on the Theft of American Intellectual Property (IP Commission) asserts that: “Even the best security systems…. cannot be relied on for protection against the most highly skilled targeted hackers…. Effective security concepts against targeted attacks must be based on the reality that a perfect defense against intrusion is impossible.”
Essentially, the sophistication of hacking is such that even — and perhaps especially — the most well-protected information can be cracked by expert cyber criminals.
As we’ve noted before, an uptick in security breaches via cyber attacks on corporate and government entities spells out bad news for the unprepared and vulnerable.
With more people and objects connected to and dependent on the Internet by the day, and increasing personal information stored online, the risk heightens. The Internet of Things poses a future risk of the attack of physical assets as well.
We live in a connected world, and as Jay Cross of the Internet Time Group tells Pew Research, “Connectedness begets vulnerability.”
Attacks on iCloud, Sony, the White House, the Senate, and many corporations made news recently, and considering that only four in ten cyber attacks are reported, there are certainly many more.
Counter-hacking and counter-attacks: When victims fight back
Security only goes so far, and is rendered useless once an attack is underway. But there are other options when dealing with cyber criminals: fighting fire with fire, hacked vs hacker.
Counter-hacking entails a hacked entity (or defender of the entity) using hacking methods either to attack the hacker back, or block the efficacy of their attack.
Ideally, this would involve real-time counter-infiltration: releasing malicious code on the attacker as an active defense, or infiltrating and remotely controlling the attacker’s machine. It might also involve a retrospective response, such as hacking to retrieve stolen content.
The late 2014 cyber attack on Sony Pictures over the controversial comedy The Interview, which the FBI linked to North Korea, is a good example of several ways counter-hacking could have — and may have — been used retrospectively.
- Sony’s counter: Allegedly, Sony used a hacker method called distributed denial of service (DDoS) to bombard websites where its stolen content was being made available. Amazon denies the claim.
- The White House’s counter: The White House considered counter-cyber-attacks as a response to the “national security issue.” President Obama promised to respond proportionally, though it remains uncertain if they resorted to this measure. Sanctions were also imposed on North Korea, which has denied involvement but praised the deed.
- Anonymous’ counter: Vigilante hacker collective Anonymous announced their own vengeance on North Korea through what they called Operation RIP North Korea (#OpRIPNK), a threat that implies a counter-attack on North Korea’s computer systems.
- Other counters: Though it is unknown if hacking was the origin, much of North Korea briefly found itself without Internet access in December (the country, however, blames the US).
Is this effective, or legal?
According to the IP Commission’s report, hacked businesses should be able to use counter-attack methods to either retrieve stolen electronic files or prevent exploitation of stolen data. This type of policy, though aggressive, could be effective in facing down and deterring hackers.
The current legality, however, is up in the air — many believe any type of counter-hack would be illegal under the Computer Fraud and Abuse Act, and the Justice Department’s cyber-crime manual advises against it.
This is because – as the IP Commission’s report also acknowledges – hacking back can be destructive to innocent third parties through whom hackers often route their attacks for added defense.
As hacks and cyber attacks continue to pose a threat to individuals, businesses, and the government, methods of defense, including counter-hacking, will likely continue to be explored.
Some experts, such as former NSA and DHS official Stewart Baker, believe that there is room for ambiguity within current law, especially with regard to a method called Remote Access Control (RAT) poison, which would be able to identify the source of the hacker and the infiltrated machines.
Others argue that counter-hacking is under any and all circumstances vigilantism, regardless of efficacy. But the violation may be admissible as self-defense, even though the current law lacks this statute.
Though we may see policy change in the future, for now, the world of hacking and counter-hacking remains a murky one that largely evades the law as we know it.