The U.S. government should opt to carry out hack backs as retaliation against the massive attacks against organizations in the US private sector, and when appropriate, the military’s hacking unit should hit back, this is what three experts said at a panel organized by APCO.
The three experts with experience in the private sector, intelligence community and military, agreed that the private organization victims of cyber attacks have to delegate the response against the attackers to the US Cyber Command.
“I think if it’s going to happen, it’s best in the hands of the government,” said Sean Weppner, chief strategy officer at NISOS Group and a former DOD cyber officer.
The experts highlighted that private companies have no intelligence abilities to attribute the attacks to a specific threat actor and have no specific offensive capabilities to conduct hack backs.
Private companies not only have no capabilities to conduct hack backs, they are not legally authorized to do it.
“The U.S. government should decide how to retaliate against the worst attacks on the country’s private sector, and when appropriate, the military’s hacking unit should hit back, three experts said Monday.” reported CyberScoop.
“The controversial idea entails taking the fight to nefarious actors by attacking their computer network in-kind, probing for exfiltrated data and employing measures to retrieve or destroy stolen information.”
Alex Bolling, the former chief of operations at the CIA’s Information Operations Center, approached the problem of cyber attacks against critical infrastructure that in most of the cases are owned by private entities.
The response of attacks against critical infrastructure operated by private organizations must be delegated to the US Government.
In the majority of the cases, attacks against critical infrastructure are powered by persistent attackers and for this reason, a response requests specific cyber skills and the US CYBERCOM has them.
Speaking of the CYBERCOM Bolling said it is the “agency that is best resourced to respond to threats to [U.S.] national interests…[and] critical infrastructure in the energy, finance and wider commercial space,”
Private companies cannot carry out hack backs if we want to avoid a digital far west. A private company that decides to target its attackers is anyway a serious threat to the overall digital community.
“For one, companies venturing out into foreign networks would run the risk of disrupting existing U.S. intelligence or military operations.” continues CyberScoop.
According to Edward Amoroso, CEO of Tag Cyber, the US CYBERCOM should isolate the specific target to hit and attack it limiting the risk of any collateral damage.
“I’d like to think there’s a lot of human intelligence and spy-craft that provides a really good view” to the government, said Amoroso.
Experts warn of the risk of hack back non-responsible party due to a wrong attribution of the attack.
Of course, every threat must be properly approached especially the ones that daily target the U.S. private sector. The three experts urge a proper cyber hygiene to mitigate the risks of cyber attacks and limit the necessity to carry out hack backs.