Proposed Active-Defense Bill Would Allow Destruction of Data, Use of Beacon Tech

Trailrunner7 quotes a report from On the Wire: A bill that would allow victims of cybercrime to use active defense techniques to stop attacks and identify attackers has been amended to require victims to notify the FBI of their actions and also add an exemption to allow victims to destroy their data once they locate it on an attacker's machine. The Active Cyber Defense Certainty Act, drafted by Rep. Tom Graves (R-Ga.) in March, is designed to enable people who have been targets of cybercrime to employ certain specific techniques to trace the attack and identify the attacker. The bill defines active cyber defense as "any measure -- (I) undertaken by, or at the direction of, a victim"; and "(II) consisting of accessing without authorization the computer of the attacker to the victim" own network to gather information in order to establish attribution of criminal activity to share with law enforcement or to disrupt continued unauthorized activity against the victim's own network." After releasing an initial draft of the bill in March, Rep. Tom Graves held a public event in Georgia to collect feedback on the legislation. Based on that event and other feedback, Graves made several changes to the bill, including the addition of the notification of law enforcement and an exception in the Computer Fraud and Abuse Act for victims who use so-called beaconing technology to identify an attacker. "The provisions of this section shall not apply with respect to the use of attributional technology in regard to a defender who uses a program, code, or command for attributional purposes that beacons or returns locational or attributional data in response to a cyber intrusion in order to identify the source of the intrusion," the bill says.

Sure...no pandora's box here....

[cayenne8]

While I understand fully the thoughts behind doing something like this....I just think "Wow...what could possibly go wrong here...?"

I'm guessing that large businesses could get in on this too? If not now, just wait....

And, we've seen how well just take down notices work....often not even justified, but still...the party acted upon is now guilty till proven innocent.

What constitutes a valid victimization? Telling someone you don't like them? They small bad? That allows them to infiltrate your computer, destroy information...etc?

This sounds like a real pandora's box being opened here.

Attack Google and Microsoft?

[Bing+Tsher+E]

So this bill empowers me to attack Microsofts and Googles servers to destroy my data that they have taken?

Foolishness.

[Gravis+Zero]

What this is going to enable people to do is destroy zombie computers and devices under the guise of retribution. While this may seem good at first, it's just going to be the moms and pops of the world losing all their data because they got infected with a virus and somebody unleashed hell on their machine. It seems like it would be far more helpful to require ISPs to detect a DoS in progress and cut off the infected customer. A scorched Earth campaign will do little to change the world.