Slashdot Mirror


Legal Hack Back Lets You Go After Attackers In Your Network (csoonline.com)

itwbennett writes: Security startup Cymmetria has a new offering for customers: "legal hack back." The hack back tools have been added to the company's MazeHunter deception technology and will enable "tracking down the attack servers and wiping data originally stolen from their servers, probing the attack infrastructure for weaknesses to exploit, disabling the systems controlling malware, looking for information about the attackers to use in attribution, and launching distributed denial-of-service attacks to slow down criminal operations," but security teams are restricted to taking these actions on systems within their organizations, writes Fahmida Rashid in CSO Online. "Legal hack back via MazeHunter is more than traditional incident response because the organization can run a payload on the infected machine to engage with the attacker even before the forensics part of the investigation is complete," said Gadi Evron, founder and CEO of Cymmetria.

19 of 47 comments

  1. If it is in your network... by aepervius · · Score: 4, Interesting

    ...And assuming it cannot be sometimes very sensitive, why do you need to hack back your own machine? Pull the LAN cord, re-image it, at worst copy essential documents, et voilà.

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org
    1. Re:If it is in your network... by freeze128 · · Score: 1

      "If thyne eye doth offend thee, pluck it out!"

  2. Cyberpunk is coming by budsetr · · Score: 2

    Black ICE

  3. Spoof the source IP and get them to eat themselves by HornWumpus · · Score: 1

    Better still, trick them into 'hacking back' at the NSA. Laughs all around.

    --
    John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
  4. Legal Pre-Emptive Hack . . . by PolygamousRanchKid+ · · Score: 3, Insightful

    Legal hack back via MazeHunter is more than traditional incident response because the organization can run a payload on the infected machine to engage with the attacker even before the forensics part of the investigation is complete

    Well, that might be enough for some primitive folks, but for folks expecting American Defense Quality, I want a system that will attack the hackers before they even think about hacking.

    Yeah, sure, you haven't done anything yet, and you are still innocent, but the NSA/CIA/FBI AI models say you WILL be guilty sooner or later, so we might as well take you out right now.

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    1. Re:Legal Pre-Emptive Hack . . . by Anonymous Coward · · Score: 1

      Yeah, sure, you haven't done anything yet, and you are still innocent, but the NSA/CIA/FBI AI models say you WILL be guilty sooner or later, so we might as well take you out right now.

      At which point, there is no law. Anyone can be manipulated to commit any crime given enough subtle changes to their environment. Do it early enough and you can be the grand master of your own conspiracy, letting others take the fall for their role in the final act, but leaving you free and clear despite your careful domino placing.

      Anyone who would give another such power to enable precrime is in and of themselves a psychopath. There is no security nor safety in absolute surveillance, doubly so if the data is used in predictions of future acts. Which it will be. You can never fully trust someone else. They will always do what is in their best interests in the end.

      In the case of absolute surveillance, the risk for abuse is far too high. With absolute surveillance, knowing everything about everyone at any time with nothing anyone can do to stop it, and the chances of punishment so low, as attempts to punish them would be seen coming long before any real effort to do so got off the ground, its abuse is guaranteed given enough time. It may start out as an authoritarian's wet dream, but it will end as a dictator's favorite public manipulation toy.

      There is no justice without a crime committed and a proven with evidence conviction. Anything less is just tyranny under the false premise of righteousness.

  5. Lets see how this works the other way around by Anonymous Coward · · Score: 4, Funny

    I run a hosting company which houses tens of thousands of servers and one of my customer machines is compromised. This malware hacks another company who has this HackBack(TM) service which then hacks back into my customer machine and begins to probe my network for weakness. My IDS detects this which launches its own HackBack(TM) service into this other company. Who sees me attacking and launches another HackBack(TM) attack.

    2002 called, they want their lazy worms back

  6. And this is "legal" because... by Anonymous Coward · · Score: 4, Insightful

    ... we want it to be? ... the CEO saw it in a movie? ... the check is in the mail?

    Inquiring minds want to know.

    1. Re:And this is "legal" because... by Big Hairy Ian · · Score: 1

      ... we want it to be? ... the CEO saw it in a movie? ... the check is in the mail?

      Inquiring minds want to know.

      It isn't, and you'll probably be hacking a third-party machine which has already been hacked by your attacker, and when they do their forensics they'll see they got hacked twice: once by the attacker (who covered his tracks) and once by you (who didn't cover his tracks). See you in court.

      --

      Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

    2. Re:And this is "legal" because... by Bugdanoff · · Score: 1

      ... because some smart legislators introduced the ACDC Act, again.

  7. Re:Spoof the source IP and get them to eat themsel by DontBeAMoran · · Score: 1
    --
    #DeleteFacebook
  8. Okay not a lawyer by coolmoe2 · · Score: 1

    But if it's my network, who is gonna press charges?
    Just sayin'

  9. Re:Spoof the source IP and get them to eat themsel by AHuxley · · Score: 1

    In a fictional movie script setting.
    Will that IP always point to an 8/16, early 32 bit desktop computer at home in real time?
    In terms of a user's home desktop 8/16/32 bit computer with dial-up modem, big HD storage, a set IP for hours and dial-up ISP IP range.
    The interesting person uses their home ISP account to get into a computer network and slowly move files back to their own home computer over hours.
    Logs show a clear moment of files from the network to a home computer ISP account.

    The skill level for a home computer to send a few commands to third party fast computer and fast network?
    A fast network and computer system would then be used to archive all the files. No files would be connected to the home computer until later.
    The third party network has the storage, CPU, fast compressing applications so all the home computer finally has to download is a few select files after reading, sorting, decrypting if needed, compressing.

    Was it a real home computer or the security services staging server... The fictional movie got lots more fun...

    --
    Domestic spying is now "Benign Information Gathering"
  10. Because... by Anonymous Coward · · Score: 1

    Because this is HACKING the HACKERS with HACKS. That's why.

    You have now read the entire substance of the thing. You are up-to-date.

    1. Re:Because... by Anonymous Coward · · Score: 1

      ONLY Hackers can Hack Hacky Hackings, not LUDDITE Users

      Hacks!

  11. Re:Spoof the source IP and get them to eat themsel by Hognoxious · · Score: 1

    Indeed. The words "false", "flag" & "lawsuit" spring immediately to mind.

    --
    Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  12. Sound pretty interesting if true but.. by Neuronwelder · · Score: 1

    What if they get smart (which they will) and immediately take the data and store it off site?

  13. but he is with 99+% chance OUTSIDE your network by aepervius · · Score: 1, Offtopic

    And this is illegal in nigh all places to hack outside. The story is about hacking and gathering information INSIDE your own network.

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org
  14. What will actually happen by whitroth · · Score: 1

    Instead of companies hiring folks who actually know what they're doing, they'll tell someone to run this. And the next thing you know, the person who doesn't actually know what's going on will "fix" it so it includes anyone attacking them, and then someone's mother or grandmother, whose machine was compromised by malware that they had no clue about, will suddenly be toast, all their emails and writings and pictures of their kids gone. And they won't have a clue what happened.