Hacking back in degrees

Welcome to Offensive Countermeasures!

Before we get into this too much please check out the following:

The main issue with computer security and Cyber-Warfare today is that there is very little that most organizations on our side are willing to do when
it comes to hacking back against the attackers. There are a number of
good reasons for this, one being legal issues and collateral damage to
intermediary systems. However, it is an aspect of computer security that
needs to be addressed, especially for our customers.

Long story short, if we have overly stringent rules and our opponents do not, whom is going to win?

We have to get inside an attacker’s OODA loop and change the dynamics in such a way they did not expect.

Hence, offensive countermeasures should be considered.

This is quite a bit different than seeing an attack from an IP address, then attacking that IP address. Rather it requires some subtle
techniques that we can utilize on the inside of a network after an attacker has
comprised the perimeter. And trust me, they will get in.

So this site is dedicated to finding ways to hack back. It is also dedicated to finding ways to get attribution on who the attackers are and where they are coming from.

Please, understand that we are also about options. We want to provide ways to find out as much as possible about an attacker, all the way to getting access to an attacker's system.

Finally, we want to illuminate the legal issues surrounding this topic. Time to fight FUD with fact. There is case law. Hacking back has been done. It just requires a bit of research and finesse.



Views: 196

Comment by bberger on July 20, 2010 at 5:16am
I think this a good approach but we have to be very careful. It is a little like law enforcement using violence. We have to be sure of our target once we decide we are going to cause harm. I like the idea of developing the strategy and conditions ahead of time much like we do with Contingency Planning. Then we know how to react quickly without having to go through too many hoops.
I think there will be a set of circumstances in which Offensive Countermeasures will obviously be warranted, some others where it would be a "maybe", and then some in which you would never use them.


Comment by David Willson on February 22, 2012 at 3:53am

Strandjs, do you know of case law on hack back?  I have not found any.  My theory focuses on the CFAA and provides that when using automated responses or code you have not gain unauthorized access to a computer.  Many caveats and disclaimers here, which I cover in my article, but companies, under certain circumstances and after satisfying certain criteria, do have a right to defend their network in self-defense from a persistent threat.  This is not retribution but must be a persistent threat causing or potentially causing damage to the business.



You need to be a member of OffensiveCountermeasures to add comments!

Join OffensiveCountermeasures

© 2014   Created by strandjs.   Powered by

Badges  |  Report an Issue  |  Terms of Service