Officials reintroduce a bill that would let businesses monitor attacker behavior and target intruders on corporate networks.
"Hacking back," the largely controversial concept by which organizations can target intruders on their network, has reappeared in a bill poised to be the subject of arguments in Washington.
Rep. Tom Graves, R-Ga., is today reintroducing a bill that would let businesses monitor for, locate, and potentially target cyberattackers. This isn't the first time Graves has attempted to making "hacking back" legal, CyberScoop reports. It had previously been found to violate the Computer Fraud and Abuse Act (CFAA), which prohibits computer access sans authorization.
So why try again? Graves, who says businesses are already targeting intruders, points to a lack of rules around the practice. If the bipartisan bill is passed, he hopes businesses will share intelligence on cyberattacks with the government. The bill does not currently enforce this.
While the US Cyber Command has recently been given the go-ahead for more offensive cyber operations, there are myriad reasons security experts think "hacking back" is a bad idea. For starters, cybercriminals often take several steps to disguise their identities; as a result, it's difficult to determine who was actually behind an attack. Federal government officials, and many security researchers, don't think companies will be able to ascertain who targeted them.
Read more details here.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024