Why companies should never hack back

2021-08-31 05:00

After major cyberattacks on the Colonial Pipeline and on meat supplier JBS, the idea of allowing companies to launch cyberattacks back at cyber criminals was proposed.

While hack back is gaining traction as a hot topic with some legal minds and policymakers, this approach is shortsighted and very likely to have unintended consequences.

Attempting to hack back an adversary could have geopolitical implications that go well beyond the scope of the individual business and with the possibility of false-flag operations, a counterattack can spark a wider cyberwar.

Hacking back should be left for the government, while businesses can play a supporting role in cooperating with security guidelines and instructions, which was how the FBI succeeded against the DarkSide hacker group.

What companies should do instead. Since businesses cannot go on the offensive, they must double down on their defenses.

Instead of allowing companies to let loose and hack back, the government should continue to bolster the nation's security infrastructure and guide businesses to a better security posture.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/wJhGvn7zK3g/

#hack #hackback