Search Brett's Ramblings

Don't become a hacker by hacking back a hacker that hacked you

Emotions run deep if you are victimized.  Initially, you want blood at any cost.  You also willingly accept any potential future regret, as long as you get blood today.  And unfortunately, no matter how fast justice may come, it will not be soon enough.  This rationale applies to being a victim of any crime and having your computer system hacked counts.

I’ll give a quick two cents in this post just as I did to a victim-client that was hacked.  "Don’t hack back."  Stop talking about and stop thinking about it.  To be clearer, make sure everyone in your company understands not to hack back. Better to focus on plugging the holes and implement your response plan.

Here are some bullet points I give to clients who are blinded by revenge and want blood:

  • You might spend more money than you have in a vain attempt to ID the attacker
  • You might hack an innocent party
  • You might hack a nation-state
  • You might be hacked back by the “innocent” party you hacked back (eg: a nation-state or a better hacker than you would be)
  • You might become a criminal hacker

There are more reasons, but I believe these pretty much cover it.  Going broke, victimizing an innocent party, and going to jail are strong motivators to counter the emotion to exact revenge on a hack.

 

Why does Google think this is a good idea?
Digital Forensics Tenure in Law Enforcement, and o...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 20 June 2018