US should strike back at cyberattackers: report

October 31, 2016
Although the scope of cyberattacks is understood, the solutions remain controversial

The US government and private sector should strike back against hackers to counter cyberattacks aimed at stealing data and disrupting important computer networks, a policy report said Monday.

A panel of experts assembled by the George Washington University Center for Cyber and Homeland Security said policies should be eased to allow "active defense" measures that deter —differentiating that from the idea of "hacking back" to disable systems used by attackers.

The panel envisioned measures such as taking down "botnets" that disrupt cyberspace, freeing data from "" hackers and "rescue missions" to recover stolen data.

"The time for action on the issue of active defense is long overdue, and the private sector will continue to be exposed to theft, exfiltration of data, and other attacks in the absence of a robust deterrent," the report said.

"When companies have a capability to engage in active defense measures, they are building such a deterrent, which will reduce risks to these companies, protect the privacy and integrity of their data, and decrease the risks of economic and societal harm from large-scale cyberattacks."

The report follows a wave of high-profile attacks against US companies and government databases, and after the Obama administration accused Russia of using cyberattacks to attempt to disrupt the November presidential election.

US policymakers are moving too slowly in dealing with a "dynamic" threat from cyberspace, former national intelligence director and task force co-chair Dennis Blair said.

The Obama administration accused Russia of using cyberattacks to attempt to disrupt the November presidential election

"We are shooting so far behind the rabbit that we will only hit it if the rabbit makes another lap and comes back to where it was," he told a conference presenting the report.

However, the panel did not recommend hacking back "because we don't want the cure to be worse than the disease," project co-director Frank Cilluffo said.

But "there are certain steps companies can take" to repel and deter cyberattacks, he added, advocating the establishment of a legal framework for them.

Although the scope of the problem is understood, the solutions remain controversial.

Some of the recommendations go too far by inviting companies to gain unauthorized access to outside computer networks, task force co-chair Nuala O'Connor, president of the Center for Democracy & Technology, said in a dissent.

"I believe these types of measures should remain unlawful," she wrote, adding that it remains difficult to be sure of cyberattacks' sources.

"The risks of collateral damage to innocent internet users, to data security, and to national security that can result from overly aggressive defensive efforts needs to be better accounted for."

Explore further: US advised to examine 'hack back' options against China

Related Stories

US advised to examine 'hack back' options against China

November 17, 2015

The United States remains ill-prepared to combat state-backed cyber intrusions from China and lawmakers should look at whether U.S.-based companies be allowed to 'hack back' to recover or wipe stolen data, a congressional ...

Intelligence chief: Little penalty for cyberattacks

September 10, 2015

Cyberattacks against American interests are likely to continue and grow more damaging, in part because hackers face a low risk of consequences, the director of national intelligence told Congress Thursday.

House passes bill designed to thwart cyberattacks

April 22, 2015

The House on Wednesday passed long-awaited legislation designed to thwart cyberattacks by encouraging private companies to share information about the attackers' methods with each other and the government.

Recommended for you

Electrode shape improves neurostimulation for small targets

April 24, 2018

A cross-like shape helps the electrodes of implantable neurostimulation devices to deliver more charge to specific areas of the nervous system, possibly prolonging device life span, says research published in March in Scientific ...

China auto show highlights industry's electric ambitions

April 22, 2018

The biggest global auto show of the year showcases China's ambitions to become a leader in electric cars and the industry's multibillion-dollar scramble to roll out models that appeal to price-conscious but demanding Chinese ...

After Facebook scrutiny, is Google next?

April 21, 2018

Facebook has taken the lion's share of scrutiny from Congress and the media about data-handling practices that allow savvy marketers and political agents to target specific audiences, but it's far from alone. YouTube, Google ...

Robot designed for faster, safer uranium plant pipe cleanup

April 21, 2018

Ohio crews cleaning up a massive former Cold War-era uranium enrichment plant in Ohio plan this summer to deploy a high-tech helper: an autonomous, radiation-measuring robot that will roll through miles of large overhead ...

How social networking sites may discriminate against women

April 20, 2018

Social media and the sharing economy have created new opportunities by leveraging online networks to build trust and remove marketplace barriers. But a growing body of research suggests that old gender and racial biases persist, ...

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

COCO
not rated yet Nov 01, 2016
kettle black

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.