Disclaimer: Affiliate links help us produce good content. Learn more.
You have likely heard that “the best defense is a good offense” or that “attack is the secret of defense; defense is the planning of an attack.” It is also likely you have heard the expression: “Revenge is a dish best served cold.”
Depending on the side of the fence you’re sitting on, you might be a strong believer in all or some of the above expressions. As it turns out, you are by no means alone. In the US, policymakers have in recent months been debating a curious bill.
The bill, known as the Active Cyber Defense Certainty Act (ACDC) seeks to legalize hacking back. Basically, if your company falls victim to hackers, you would have the right to hack organizations that you suspect hackers used to mount their assault.
Before you jump on board, take a moment to consider whether the risks outweigh the benefits.
Potential benefits of hacking back
According to a survey by Fidelis Cybersecurity, companies believe that they have the capacity to hack back when hacked if they want to. At least half of the executives responding to the survey said that if it were legal, they would, in fact, hack back. What are the benefits of this aggressive approach?
1. Data decryption
In the case of ransomware attacks, hackers often encrypt sensitive information and demand ransom payment to decrypt it. Being able to hack back would be a much easier and more cost-effective way to get decryption keys than paying a ransom.Furthermore, companies are often advised against paying a ransom as it simply reinforces a bad habit. In some cases, after receiving ransom payment, hackers have the nerve to fail to keep their end of the bargain.
2. Thwarting malicious actors
When you track bad guys, you might be able to gather sufficient counterintelligence to thwart future attacks. That would involve collecting data on the cybercriminals, which could, in turn, help you narrow down to specific attackers.Having information on such attackers could be all you need to thwart suspicious actors whenever you find them sniffing around your data. With such information, you can either slow down a malicious entity or even selectively disconnect them.
3. Taking revenge
4. Supporting federal agencies’ efforts
Concerns about hacking back as a strategy
Like any other seemingly perfect plan, the hacking back strategy has its downsides. And unfortunately, these are too big to ignore, especially if you are contemplating going down that rabbit hole.
1. Attribution issues
2. Collateral damage
3. Can be very time-consuming
4. More questions than answers
5. Revenge turned sour
The law of the jungle vs. true justice
On the basis of the above pointers, the lesson that stands out is that cyber frontiers are by no means child’s play. The idea of hacking back might seem strategic, but the costs may outweigh the benefits.
It might have been commonplace in the Wild Wild West for everyone to fight their own battles. Is it fine to do so now?
Nica is a BA Political Science degree holder who specializes in fintech, SaaS, business and academic writing. She has experience working with founders who graduated from Harvard, tech startups funded by Y-Combinator, CEOs of multi-million dollar blockchain companies, investment companies in London and many more.