Countermeasure: Hack the Hacker?

In light of the growing number of mega breaches (e.g., MEGA Collection #1, Dunkin’ Donuts, Citrix) and the ongoing ransomware epidemic, politicians on both sides of the aisle are pushing for legislation that would allow organizations to take an offensive posture vis-à-vis attackers, often called “hack back”.


Initially introduced in 2017, the Active Cyber Defense Certainty Act (ACDC) was reintroduced in the U.S. Congress earlier this year. The bill would make changes to the Computer Fraud and Abuse Act (CFAA) and allow corporations and other victims of cyber-attacks to pursue adversaries outside their network boundaries to disrupt their activities. However, many security experts warn against commercial organizations taking the law into their own hands and oppose this type of legislation, since it could result in unintended consequences such as targeting the wrong groups or triggering a cyber war with nation-states. 


To implement an active cyber defense strategy similar to the posture taken by the U.S. Cyber Command over the past few years, organizations could take several steps, such as booby-trapping files to trigger alerts, conducting reconnaissance on hacker infrastructure, remotely breaking into attackers’ servers and wiping any data, and even launching distributed denial-of-service (DDoS) attacks against cybercriminal operations.


However, under current CFAA law, reaching beyond an organization’s boundaries to target hackers who have stolen its data, or are trying to steal its data, is considered illegal hacking. Organizations that still choose to implement active cyber defense strategies operate in a gray area in which no guidelines exist. That’s what the ACDC aims to address by establishing acceptable rules of engagement for responding to dat ..
