Authorities are now telling us that revenge hacking is becoming rampant in the digital world. We are now seeing where hackers are hacking other hackers. Cybercriminals may target a list of bank customers by releasing a series of phishing emails to get access to their accounts. The legal choice for combating these activities is to wait on law enforcement to perform an investigation and then maybe the hackers will get caught and apprehended, but how many months is that going to take? So in these instances, we are discovering people like the bank whose customers got targeted, are more than willing to choose another plan of action. And there are now security consultant teams who are more than willing to strike back on their behalf.
In this particular case, the team that the bank had hired proceeded to break into infrastructure of the hacker which was located on a set of foreign servers. They located a list of the exact people that were phished by the hackers.
This incident represents an underground operation knowing as hacking back, where individuals and private companies strike back at hackers in order to protect data and networks, and many times breaking the law along the way. Even though everyone in the information security circles are very much aware of this practice, news of these revenged hacking campaigns rarely ever make it to the general public.
Interestingly though, the practice of hacking back could become legal according to legislation that was proposed by a congressman in Georgia.
“Almost every large organization I consult with has some form of hack back going on,” a security consultant said recently.
The act of hacking back, which is also referred to as active defense, actually cover several different tools and methods. One such technique is where companies lay booby-trap within their files to ensnare a hacker attempting to steal documents. Another approach involves penetrating a cybercriminal’s infrastructure for any weaknesses or clips of data which may reveal who conducted the attack.
At a much more sophisticated level, a hack back could even include getting access into the cybercriminal’s servers to wiping all data and destroying the server. This would serve to completely demolish the malware of the hackerer.
A good hack back could even assist investigators with the painstaking task of attribution – which is trying to determine the identity of an attacker. Instead of relying on merely the forensic evidence that hackers leave behind on a network, these victims could actually gather more data from the computer of the hacker. So rather than simply analyzing fingerprints following a burglary, investigators could actually chase the getaway car and even find where criminal lives.
Of course, there are those who think that hacking back is a violation of the United States’ Computer Fraud and Abuse Act. And there could be other violations committed as well, depending on the activities of the revenge hackers. And then there’s the jurisdiction issues should a hacker keep data on a foreign server. Foreign laws would have to be considered as well.
There have been times when United States Department of Justice have considered charging people for revenging hacking. And there have been cases where these revenge hackers have interfered with law enforcement operations. Many FBI agents have come across these hack back activities as they were investigating various cases.
So now that revenge hacking is becoming rampant, it will be interesting to see what happens in the next few years.