Hacked companies fight back with a controversial range of deception and tactics

Frustrated by their inability to stop sophisticated hacking attacks or use the law to punish their assailants, an increasing number of U.S. companies are taking retaliatory action.

Known in the cyber security industry as “active defense” or “strike-back” technology, the reprisals range from modest steps to distract and delay a hacker to more controversial measures. Security experts say they even know of some cases where companies have taken action that could violate laws in the United States or other countries, such as hiring contractors to hack the assailant’s own systems.

In the past, companies that have been attacked have mostly focused on repairing the damage to their computer networks and shoring them up to prevent future breaches…But as prevention is increasingly difficult in an era when malicious software is widely available on the Internet for anyone wanting to cause mischief, security experts say companies are growing more aggressive in going after cyber criminals…

Once a company detects a network breach, rather than expel the intruder immediately, it can waste the hacker’s time and resources by appearing to grant access to tempting material that proves impossible to extract. Companies can also allow intruders to make off with bogus files or “beacons” that reveal information about the thieves’ own machines, experts say…

“Deception plays an enormous role…”

Other security experts say a more aggressive posture is unlikely to have a significant impact in the near term in the overall fight against cybercriminals and Internet espionage. Veteran government and private officials warn that much of the activity is too risky to make sense, citing the chances for escalation and collateral damage…

Nevertheless, the movement shows the deep anger and sense of futility among security professionals, many of whom feel that a bad situation is getting worse, endangering not only their companies but the national economy…

RTFA for a detailed, often intricate discussion emphasizing both philosophical understanding and common sense cost analysis. You don’t want to waste time in a pissing contest with an opponent who is just as easy to mislead into wasting his own energies.

Yes, I understand how completely satisfying it can be to screw over a sleazy and corrupt opponent. Those are the war stories you tend to remember and relate. But, not today. :)

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s