Slashdot Mirror

← Back to Stories (view on slashdot.org)

Counterterrorism Expert: It's Time To Give Companies Offensive Cybercapabilities

Posted by samzenpus on from the protect-yourself-at-all-times dept.

itwbennett writes: Juan Zarate, the former deputy national security advisor for counterterrorism during President George W. Bush's administration says the U.S. government should should consider allowing businesses to develop 'tailored hack-back capabilities,' deputizing them to strike back against cyberattackers. The government could issue cyberwarrants, giving a private company license 'to protect its system, to go and destroy data that's been stolen or maybe even something more aggressive,' Zarate said Monday at a forum on economic and cyberespionage hosted by think tank the Hudson Institute.

11 of 220 comments (clear)

  1. uhhh, yeah by Anonymous Coward · · Score: 4, Insightful

    I'd expect such nonsense from a former employee of BushCheney Co. Would you also "deputize" a privately held corporation to get some F-16's and go bomb the attackers? It is virtually the same thing. I guess the BushCheney Corporation would have loved that.

    Such attacks are attacks on U.S soil, and should therefore be handled by the military, and only the military.

    Otherwise, this will create private, corporate owned, corporate sponsored armies. They will be, essentially, corporate warlords.

  2. Not at all a new concept by taustin · · Score: 4, Insightful

    It's called a "Letter of Marque," and they've been used in places where governments can't enforce their sovereignty for centuries.

    It usually doesn't turn out all that well, but may well be better than nothing.

    1. Re:Not at all a new concept by Chris+Mattern · · Score: 4, Insightful

      ...but may well be better than nothing.

      Ah, yes, politician's logic. "Something must be done. This is something. Therefore we must do it."

  3. Oh sure by msobkow · · Score: 5, Insightful

    Oh sure, let's trust the people who can't even protect their own networks to properly identify the perpetrators of a hack instead of some innocent bystander running a TOR exit node. I can't see any risks associated with that. No. Not at all... :(

    --
    I do not fail; I succeed at finding out what does not work.
  4. Whoa, we really need to think this through... by mpthompson · · Score: 4, Insightful

    Giving private corporations the ability to identify anyone they don't like a "cyberattacker" and then attack them will be very dangerous. Imagine companies pursuing IP related complaints (whether real or imagined) being deputized to go after people and their systems in this manner. There are damn good historical reasons we have a legal system in place -- one of which is to the prevent abuses that vigilante systems foster.

  5. Prove to me by nehumanuscrede · · Score: 4, Insightful

    that you are competent enough on the defensive side of things first and we'll talk about it.

    When your company can't even be bothered to properly secure our personal information on your servers ( plaintext files . . . really ? ) what sort of insanity is it to even CONSIDER giving these very same folks offensive capabilities ?

    It's like giving a shotgun to a monkey and hoping nothing bad comes of it :|

    Seriously. . . . wtf ?

  6. What is old is new again by Anonymous Coward · · Score: 5, Insightful

    Look up "letters of marque and reprisal", and perhaps "privateering", too.

  7. Re:If you deputize them by msauve · · Score: 4, Insightful

    I'm sure it would be used with the same level of integrity as the DMCA is.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  8. What the hell is cybercapability (or cyberweapon)? by guruevi · · Score: 4, Insightful

    There is no such thing as a cyberweapon. There is hacking/cracking and that is generally done through technical weaknesses and/or social engineering. There is no such thing as a cybertank or a cybergun, something that can actively break through something that it was not intended to go through. There is no software that can simply break through a web server by sheer force.

    Using any kind of military jargon with what amounts to a technical capability of a piece of software is (car analogy) like telling us that foreign car mechanics and imported engines are capable of destroying our infrastructure and instead of fixing the engines or building our own to counteract it we have to deploy our own car mechanics and engines to foreign countries.

    Using these analogies of cyberweapons with technical experts just sounds like a bunch of military people heard of the printing press and now they want to destroy people with paper cuts.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com
  9. Re:If you deputize them by siddesu · · Score: 5, Insightful

    Given that most "cyberattacks" are caused by crappy software, making software companies liable for their bugs looks like a better option to me.

  10. Re: Dumbest idea ever by kilfarsnar · · Score: 4, Insightful

    Competitors? You act as it there is actual competition out there. Competition is a myth they use to sell capitalism with. Sure, the car wash place down the street may have competition, but not the multinationals. That's just another illusion they try to maintain.

    What they will do is retaliate against whistleblowers and activists. They already look on people who tell the truth about them as terrorists, with the full support of their bought and paid for law enforcement allies.

    Don't forget pirates and copyright infringers, whether those people are actually involved in such activity or not. They're already pursuing legislation that would criminalize interfering with their ability to make a profit.

    --
    "What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)