Should I Hack Them Back? No. No, You Shouldn’t…

Source: https://threatpost.com/gentle-reminder-at-rsa-hacking-back-is-a-bad-idea/116564/

The RSA Conference 2016 just took place last week, but I felt that this was an important topic for all organizations to consider. Regardless if your organization is being hacked, there are various consequences an entity could face if they hack back an intruding individual. There are several problems that arise when it comes to hacking an intruding adversary in cyberspace. The first problem is attribution. An attacker could be using proxies or an already compromised computer(s) to hide their true identity. If you hack them back, you could be hacking an innocent individual’s computer rather than the true perpetrator. The second problem deals with the size of the adversary. When someone is breaching your systems you do not have an initial idea of who exactly is breaking in to your systems. The hacker on the other end could in fact be a nation-state with a very large amount of resources and political pull. Retaliation could cause an international incident. The third problem is that retaliation would break not only U.S. laws but also the laws of the country your gaining a presence in. This action could disable you from getting proper assistance because now as an organization you have involved yourself in a criminal act.