FBI Monitoring Hacking Targets For Retaliation
An anonymous reader writes: As high profile security breaches continue to grab headlines, little is being done visibly by the government to prevent future attacks. This is prompting some victims (and potential victims) to find creative ways to stop the hackers. The FBI is now concerned that U.S. companies and institutions are themselves breaking laws by retaliating with cyberattacks of their own. "In February 2013, U.S. officials met with bank executives in New York. There, a JPMorgan official proposed that the banks hit back from offshore locations, disabling the servers from which the attacks were being launched ... Federal investigators later discovered that a third party had taken some of the servers involved in the attack offline, according to the people familiar with the situation. Based on that finding, the FBI began investigating whether any U.S. companies violated anti-hacking laws in connection with the strike on those servers, according to people familiar with the probe."
They are concerned because some of these attacks are perpetrated by the FBI/NSA/CIA.
Can't have people retaliating against their own infiltration operations...
Too bad the internet's down in North Korea, they'd be interested in this story for sure!
An i(phone) for an i(phone) and a (blue)tooth for a (blue)tooth.
...should you not defend yourself?
as if the FBI/CIA/NSA aren't already tools of the plutocratic multi-nationals.
I believe that the only reason they don't want them doing it on their own is that it robs the 3-letter agencies of political glory.
never bring a twinkie to a food fight.
Is this the same FBI that told us NK was responsible for the Sony hack?
Federal Bureau of Incompetence.
"If any question why we died, Tell them because our fathers lied."
Normally I would be against this, but nowadays hackers are mostly just extortionists. Not to mention the damage they've done to the work done by real hackers trying to protect freedom. Really, I think this generation of hackers just needs to be purged so the scene can get back to normal.
I don't know, seems like in a world where cyber-weapons are routinely deployed, the right to bear arms might reasonably be construed to include cyber-weapons. Especially when you consider that, at the time of writing, the right to bear arms was pretty clearly a protection of the people's ability to effectively rebel against a lawful but non-representative government.
Of course having the right to *have* such weapons, and the right to *use* them, especially indiscriminately, are completely different things. Deploy a weapon likely to have significant collateral damage and you'd better be ready to suffer the full force of the law for the damage you do to bystanders, even if disabling the primary target was a clear-cut case of self defense.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
Probably not. Any hacker with two brain cells to rub together would quietly infiltrate systems in company A, from there infiltrate Company B, C & D, rinse/repeat until sufficient layers of abstraction sit between them & their target, and then use them to attack the real target. If the response of victim X is to nuke the IPs from which the attack came, they are a) hitting the wrong entity, b) potentially destroying evidence left by the real perps, and c) probably initiating a re-retaliation from the victim of their attack.
I prefer rogues to imbeciles because they sometimes take a rest.
but not ok for anyone else. this is what happens when governments routinely skirt the law.
the companies wouldn't have an incentive to do that.
- Zav - Imagine a Beowulf cluster of insensitive clods...
Probably not. Any hacker with two brain cells to rub together would quietly infiltrate systems in company A, from there infiltrate Company B, C & D, rinse/repeat until sufficient layers of abstraction sit between them & their target, and then use them to attack the real target. If the response of victim X is to nuke the IPs from which the attack came, they are a) hitting the wrong entity, b) potentially destroying evidence left by the real perps, and c) probably initiating a re-retaliation from the victim of their attack.
... and so begins Internet War 1!
Does anyone else feel that using the term "cyberwar" to describe this is an insult to anyone who has ever been through a real war? Insofar as there is a conflict between two or more parties, it is like a war. But that's the furthest that the analogy can be taken without it falling apart. Let's get some things straight: computers aren't people, DDoS attacks cause orders of magnitude less suffering than real war, and using a hyperbolic analogy leads to massive escalations of a conflict (e.g. Obama getting involved and taking an entire country offline).
I propose we replace this with a car analogy :). A bunch of people, possibly North Korean, possibly not, have gone and stolen a lot of cars and parked them in JP Morgan's car park. Now all the bankers, and their customers, can't find parking and can't get into the office. Banking and financial services have been denied. Then some guy at JP Morgan realizes that those cars all have New Jersey plates - that's where the attacks are coming from! So they go steal a bunch of other cars, drive them across the Hudson River, and use them to gridlock all the streets in Jersey City. Problem solved - there's now ample parking for Jamie Dimon's Maserati!
Except that because cars were stolen and transported interstate, the FBI now has to get involved.
No, but the Natural Laws upon which Western political thought is based do give you the intrinsic right to self preservation, right up to terminating the threat.
But not in this context. If someone shoots you today, you can't go after them with a gun tomorrow after you get out of the hospital. These actions are not self-preservation at all, just retaliatory in nature. And that is clearly defined in both the explicit statutes and case law as a no-no.
For your security, this post has been encrypted with ROT-13, twice.
In most western countries you have the right to respond to an imminent threat of physical harm with appropriate force. You do not have the right to respond to, for example, property damage. Part of that "Western political thought" is eliminating the cycle of eye-for-an-eye vengeance.
Probably not. Any hacker with two brain cells to rub together would quietly infiltrate systems in company A, from there infiltrate Company B, C & D, rinse/repeat until sufficient layers of abstraction sit between them & their target, and then use them to attack the real target. If the response of victim X is to nuke the IPs from which the attack came, they are a) hitting the wrong entity, b) potentially destroying evidence left by the real perps, and c) probably initiating a re-retaliation from the victim of their attack.
The use of jumpboxes is common when attacking targets, which is exactly what you have described. However, the idea that you just "hack back" via a DDOS isn't how it is done. Companies know that blind DDOS retaliation will only land them in hot water, so they use other methods.
A common method is a honeypot - a network segment with machines in it designed to be infected for observation purposes. Then, when activity is noticed in this network, things like trojaned PDF documents can be placed in the honeypot with titles like "All customers credit cards do not share". The attacker downloads this "great" data, opens it, and gets hacked in return.
This way, the payload is deployed against the target hosts only through the direct action of the attacker themselves.
Other methods that are similar are used, but this should give you the gist.
Try to hack my 31337 firewall!