The Internet is a modern day Wild West. Individuals, businesses, and governments face extraordinary challenges protecting themselves in the digital Wild West, and history has shown that law enforcement is under-resourced to tackle all but the most pressing criminal cases. What’s the answer? U.S. Congressional Representatives Tom Graves and Kyrsten Sinema are proposing legislation — the Active Cyber Defense Certainty Act — with good intentions, aimed at reforming the Computer Fraud and Abuse Act (CFAA) – 18 U.S. Code § 1030. The CFAA is outdated (signed in 1986) and doesn’t provide an adequate disincentive to cybercrime.
However, hacking back is not the answer. The Internet crosses national boundaries in milliseconds, and attackers routinely encrypt and disguise their traffic between compromised servers and victim machines in multiple geographies. Adversaries reuse existing code and tools to plant false flags and confuse attribution efforts.
Read why Levi Gundert, Vice President of Intelligence at Recorded Future thinks that far from helping organizations defend themselves, hacking back will escalate an already chaotic situation, on DarkReading.