Is it time to start hacking the hackers?

In the light of unprecedented attacks by cybercriminals against businesses that span every industry, this question has come to the fore: Is it time to fight back?

As the Founder and CEO of Wisegate, a private, expert peer group for senior-level IT executives, I get to work with some of IT's best and brightest security professionals and have a ringside seat to the discussions that unfold.

Wisegate member Jeff Bardin, Chief Intel Officer at Treadstone 71, says "hacker groups and disruption of business has reached an all-time high and no longer can be ignored. We want to get the 'adversary' to understand that if they launch an attack against a company, there will be costs to pay."


But members not in favor of going on the offense point to the issue of attribution as a major reason why it won't work: it's too difficult to pinpoint the location and source of many cyberattacks. Yet many security experts say there are some "offense-like" tactics that can drive up the cost of hacking into a corporate network and, if deployed properly, could discourage hackers enough to have a major impact on the threat landscape.

There are interesting questions being raised about how far businesses can go and what types of attacks can actually be effective, says Wisegate member Martin Zinaich, Information Security Officer of the City of Tampa. "It doesn't necessarily have to go from nothing to launching a full out assault against cybercrime infrastructure. It could be much more subtle things like feeding the bad guys misinformation or doing your own reconnaissance."

In fact, many Wisegate members believe there are offensive security measures the good guys can leverage. Misdirection tactics, for example, can be deployed by heavily targeted companies, such as those in the financial or defense sectors.

"We need to start thinking like our adversaries, to look at different approaches and techniques to confuse an attacker," said Wisegate member Tim McCreight, CISO for the Government of Alberta. "We're looking at using ethical or 'white hat' hackers to check our defenses, and we're approaching our program like we're trying to break into our systems. We need to adopt this mindset, and keep focusing on risks."

Unfortunately, offensive security tactics may have their drawbacks as well. Some companies may want to refrain from specifically targeting hacktivist groups, since doing so raises ethical questions and questions about the legality of the practice. In addition, building phony systems and fake credentials may be too costly to deploy.

Wisegate members agree it's hard to agree whether "hacking back" is an acceptable enterprise defense practice when no one can agree what the term means. Offensive security is a huge but relatively undefined area, and the problem is compounded by the fact that the laws governing it are vague.

I believe this topic is critical. While hot button issues will be raised and flames fanned by the media, it takes time to think through the best responses to issues our IT leaders are facing. It takes time for the issues to be raised in the trenches and substantive opinions to be developed.

The single most important key to fighting cyber crime will be harnessing the collective intelligence of the good guys in our industry. If we can garner the collective intelligence of these practitioners, all things are possible.

Gates, Founder and CEO of Wisegate, is a respected industry veteran of several start-ups and large enterprise IT companies, including VP of Identity Management at Sun. 

Stories by Sara K. Gates, Founder and CEO, Wisegate

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place