Hacking Hackers: Taking Matters Into Private Hands

Private groups are fighting back against foreign sources of malware and credit fraud. But methodologies put these digital crusaders and their employers at serious legal risk.

Imagine you're a security professional at a large financial institution monitoring the firewall and taking note of the varieties of malware that attack on a daily basis, how they operate, and what makes them tick. The security and IT teams disarm them and patch whatever holes are uncovered. Each day brings new attacks, so much so that a lack of malware would likely indicate a downed detection system, not that attackers have gone on holiday. Often you'll see an updated version of yesterday's and last week's attack, and you expect another version to come around soon.

Other banks are being hit with the malware, and, like your security partners, you know that this familiar hack has come from a botnet, a collection of hacked computers doing work on behalf of the host, who almost certainly is sitting comfortably behind a desk in Eastern Europe.

What do you do?

Read the rest of this article on Wall Street & Technology