Issue 157 Couter-Hack September 5, 2013

Should businesses fight back against hackers? In my opinion they should. Let us face it, government cannot do it alone. They are incapable of protecting all of us even with all the resources a government has at its disposal (this includes the U.S. too). So let us evaluate the status quo, the positives and the negatives. (Derived from The Economist August 10-16th 2013 issue "computer hacking: A byte for a byte")

Current: Companies are under attack by hackers. "An annual study of 56 large American firms found that they suffered 102 successful cyber-attacks a week between them in 2012, a 42% rise on the year before." Digital defenses like fire walls and anti-spy ware and malware protections can only do so much. Hackers now come in two forms. They work for/are criminals that are most likely in a group, or they work for a government like the hackers in China. If and when these hackers choose to attack a system or an individual computer, the defenses can be overridden and defeated. Basically, there is no longer any true defense.

Pros: Firstly, this becomes a new business model that gives hackers an alternative to working for criminals, or the government. So it will create jobs. It will also enable firms to track any stolen data back to the source and retrieve said data. Therefore the proprietary information is retrieved from the hackers’ computer and prevents leeks of that info. This is the idea that is most popular as it prevents any damage to a computer network. Alternatively there is an idea of licensing hacker groups that can be hired out to hunt down and "deal with the hacker" on the firms’ behalf. Also, governments can provide more information on current and future cyber threats along with any and all materials that a business can use to defend themselves with (or fight back). All together, firms are empowered to protect themselves without the need for government support.

Cons: The negatives are surprisingly few from what I read. Having other hackers track down and eliminate enemy hackers via computer is scary only because hackers cover their tracks via routing data through multiple computers (often without that person’s knowledge). Counter hacker groups may cause collateral damage to innocent people’s computers. Governments also fear that their efforts may be undermined. The U.S. has urged Russia and China to rein in their unofficial hackers and the U.S. support of the international convention on cyber-crime. But from my perspective government can't ever do enough to solve the problem of illicit hackers taking peoples data. There will always be collateral damage to a computer network as well. So both these cons are mute for me.

Conclusion: Businesses despite all the money they take in are at the mercy of hackers. They need an equalizer. That equalizer is another hacker. Let's stop relying on a bloated ineffective government to protect our data, and instead fight back our selves.