The Hackback Debate | Steptoe Cyberblog

The vulnerability of computer networks to hacking grows more troubling every year. No network is safe, and hacking has evolved from an obscure hobby to a major national security concern. Cybercrime has cost consumers and banks billions of dollars. Yet few cyberspies or cybercriminals have been caught and punished. Law enforcement is overwhelmed both by the number of attacks and by the technical unfamiliarity of the crimes.

Can the victims of hacking take more action to protect themselves? Can they hack back and mete out their own justice? The Computer Fraud and Abuse Act (CFAA) has traditionally been seen as making most forms of counterhacking unlawful. But some lawyers have recently questioned this view. Some of the most interesting exchanges on the legality of hacking back have occurred as dueling posts on the Volokh Conspiracy. In the interest of making the exchanges conveniently available, they are collected here a single document.

The debaters are:

Stewart Baker, a former official at the National Security Agency and the Department of Homeland Security, a partner at Steptoe & Johnson with a large cybersecurity practice. Stewart Baker makes the policy case for counterhacking and challenges the traditional view of what remedies are authorized by the language of the CFAA.

Orin Kerr, Fred C. Stevenson Research Professor of Law at George Washington School of Law, a former computer crimes prosecutor, and one of the most respected computer crime scholars. Orin Kerr defends the traditional view of the Act against both Stewart Baker and Eugene Volokh.

Eugene Volokh, Gary T. Schwartz Professor of Law at UCLA School of Law, founder of the Volokh Conspiracy, and a sophisticated technology lawyer, presents a challenge grounded in common law understandings of trespass and tort.

via The Hackback Debate | Steptoe Cyberblog.


2 thoughts on “The Hackback Debate | Steptoe Cyberblog

  1. While I am nowhere near an expert on hacking especially at the government and corporate lever I will attempt to give my two cents on the subject. It seems that no matter how secure a network is there will always be a way to break in and someone ornery enough to do it. The ethical dilema here, is when someone tries to break into your house or attack you physically, it is within your rights to defend yourself even if that involves a counterattack. Using that example I believe that if your network is “under attack” it should be within your right to “attack” back.

  2. Will there is no clear cut answer in how to solve the problem of cyber attacks, or what is the best way to get results. The clear fact is that problem does exist and that people who are responsible for cyber crimes are not held accountable for the damage done. This problem needs to be addressed with better systems and polices to protect companies and people from attacks that they would not result to counter hacking. If hackers were more accountable and held to consequences of there actions, then overall attack would go down and people would not have to worry and try counter attack to protect their systems. Using technology to limit attacks and polices along with enforcement could be a possible way to prevent counter hacking. Providing the user with a sense of security.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s