Hacking Back Against Cyberterrorists: Could You? Should You?
Defense Against Terrorism Review, (ISSN. 1307-9190) is a peer-reviewed journal published by the NATO Center of Excellence - Defense Against Terrorism, Ankara, Turkey. This article appears in Volume 9.
14 Pages Posted: 9 Jan 2018
Date Written: August 18, 2017
Cyberterrorists have become adept at using cybertools to modify or deface websites, steal information, and use social media. It is also expected that they will increasingly use the tools and techniques developed and used by cybercriminals, which are widely available. Add to this the nation-state-level tools released by sources like Wikileaks, and it becomes obvious that cyberterrorists are gaining increasingly sophisticated and dangerous weaponry. When an organization – whether that organization is part of a nation’s critical infrastructure or not, and whether that organization is part of a nation’s public or private sector, is attacked, a natural reaction to that attack is a desire to identify the attacker and to launch a counterattack. This desire is no different in the warfighting domain of cyberspace than in the real world. But is it a good idea? Are there differences between this kind of counterattack if carried out by a private sector organization or a government agency? In this article, the authors look at the potential advantages and risks associated with what’s called ‘hacking back’, and conclude that the risk/reward equation can be complex and must be carefully considered before.
Keywords: Cyberterrorism, Hacking back, Cyberwarfare, International Law, Critical Infrastructure
JEL Classification: M48, O32, O33
Suggested Citation: Suggested Citation