[ISN] Should the U.S. allow companies to ‘hack back’ against foreign cyber spies?

http://www.washingtonpost.com/blogs/worldviews/wp/2013/05/23/should-the-u-s-allow-companies-to-hack-back-against-foreign-cyber-spies/ By Max Fisher The Washington Post May 23, 2013 Foreign hackers do remarkable damage by breaking into American companies, stealing intellectual property worth enormous amounts of money, swiping proprietary secrets for military technology or other uses and, in the case of some recent Chinese attacks, even exposing U.S. counterintelligence efforts. The Obama administration has made clear that it takes the threat seriously and is escalating efforts to stop it. One suggestion increasingly floated in the private sector is to allow companies to “hack back.” Current U.S. law makes it illegal for private firms to launch retaliatory cyberattacks, and the issue is highly controversial. But it’s entering the mainstream. A new report, from a private commission on intellectual property theft chaired by former U.S. ambassador to China Jon Huntsman and former director of national intelligence Dennis Blair, raised the possibility of changing the law to allow for hacking back. While it stopped short of directly advocating such attacks, it did call for a milder, legal form of hacking back and said the United States should consider changing the law if other measures fail. It can be tough to talk about allowing corporations to run their own mini cyberwars because, like hacking itself, no one is exactly sure what sorts of norms will develop and where the technology will lead us. The conversations tend heavily toward the hypothetical. Advocates of “hacking back” point out that criminal and state-run hackers are only getting better, and that because they risk little by attacking purely defensive systems, they will simply persist until they succeed. Opponents warn that such a serious escalation could erode what few cyber-norms already exist, turning the Internet into a battlefield where not just rogue states and freelance criminals, but a lot very rich corporations, are invading privacy, stealing data and otherwise hacking for the specific purpose of doing damage. […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org