The MIT Technology review released an article today on Five reasons “hacking back” is a recipe for cybersecurity chaos. The author is totally correct on the five reasons identified. In a nutshell, one of the challenges of cyberwarfare is that for organizations other than nation states with clear enemies, the role of cybersecurity can only be for cyber-protection. It is a defensive game.
There was however a sixth reason why hacking back is a really bad idea. It is related to their second reason – 2. It’s really hard to know for sure who’s behind a cyberattack. In fact it is highly likely that the system that is being used to attack yours is one that is compromised and the owner of the system, which could be your business partner, your neighbor, a philanthropic organization, a church – you get the idea, is the organization that you would be attacking if you really couldn’t trace the origin of the attack to the person or organization that actually launched it.
My recommendation – let the US government and FBI identify (or your government and official law enforcement agency fight attackers when they can absolutely identify the source. And don’t consider becoming a vigilante unknowingly attacking your next door neighbor’s business.