Here's something you don't see every day. A new bill introduced by Rep. Tom Graves, a Georgia Republican, gives permission to hacking victims to hack their aggressors; something we are calling 'back hacking'. Will this become the lex talionis of the digital age? Will cyber victims transform into digital vigilantes? Or will law of retaliation lead to more chaos online?
Below we look at the new proposal and the possible consequences we may see because of it. Want to raise your cybersecurity awareness? Check in with CyberPolicy every week to learn about the latest news!
An Eye for an Eye
In theory, the Active Cyber Defense Certainty Act empowers targeted users to use "limited defensive measures that exceed the boundaries of one's network" to identify or stop digital attackers.
According to Graves, "This bill is about empowering individuals to defend themselves online, just as they have the legal authority to do during a physical assault... Current law essentially leaves individuals and businesses defenseless if their anti-virus software fails. I want that to change."
But there are some major concerns about this idea:
This bill could also open victims to further harm. Cybercriminals, especially script kiddies, are known for being dedicated and vindictive. The spirit of this can be seen in the credo of hacktivist group Anonymous: "We do not forgive. We do not forget. Expect us."
In fact, Aaron Barr, the former CEO of security firm HBGary Federal, spent a month tracking down members of Anonymous in hope of exposing its leaders and internal structure. The project was hardly successful and resulted in a slew of attacks that cost HBGary millions of dollars and damaged pending acquisitions with potential buyers.
"The attackers are quintessentially Anonymous: young, technically sophisticated, brash, and crassly juvenile, all at the same time," writes Ars Technica reporter Nate Anderson.
Ask yourself, would you want this to happen to you or your company? It's very possible that the cybercriminals you target are more adept at launching attacks and causing chaos than you are.
Instead of inciting a flame war with hackers you don't know, take a moment to invest in a cybersecurity insurance from CyberPolicy. It's a far better way to defend your digital assets from data breach and cybercrime. What are you waiting for? Get your free quote now!