Slashdot Mirror

← Back to Stories (view on slashdot.org)

Legal Hack Back Lets You Go After Attackers In Your Network (csoonline.com)

Posted by BeauHD on from the right-back-at-ya dept.

itwbennett writes: Security startup Cymmetria has a new offering for customers: "legal hack back." The hack back tools have been added to the company's MazeHunter deception technology and will enable "tracking down the attack servers and wiping data originally stolen from their servers, probing the attack infrastructure for weaknesses to exploit, disabling the systems controlling malware, looking for information about the attackers to use in attribution, and launching distributed denial-of-service attacks to slow down criminal operations," but security teams are restricted to taking these actions on systems within their organizations, writes Fahmida Rashid in CSO Online. "Legal hack back via MazeHunter is more than traditional incident response because the organization can run a payload on the infected machine to engage with the attacker even before the forensics part of the investigation is complete," said Gadi Evron, founder and CEO of Cymmetria.

5 of 47 comments (clear)

  1. If it is in your network... by aepervius · · Score: 4, Interesting

    ...And assuming it cannot be sometimes very sensitive, why do you need to hack back your own machine ? Pull the Lan cord, re-image it, at worst copy essential document, et voila.

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org
  2. Cyberpunk is coming by budsetr · · Score: 2

    Black ICE

  3. Legal Pre-Emptive Hack . . . by PolygamousRanchKid+ · · Score: 3, Insightful

    Legal hack back via MazeHunter is more than traditional incident response because the organization can run a payload on the infected machine to engage with the attacker even before the forensics part of the investigation is complete

    Well, that might be enough for some primitive folks, but for folks expecting American Defense Quality, I want a system that will attack the hackers before they even think about hacking.

    Yeah, sure, you haven't done anything yet, and you are still innocent, but the NSA/CIA/FBI AI models say you WILL be guilty sooner or later, so we might as well take you out right now.

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  4. Lets see how this works the other way around by Anonymous Coward · · Score: 4, Funny

    I run a hosting company which houses tens of thousands of servers and one of my customer machines is compromised. This malware hacks another company who has this HackBack(TM) service which then hacks back into my customer machine and begins to probe my network for weakness. My IDS detects this which launches its own HackBack(TM) service into this other company. Who sees me attacking and launches another HackBack(TM) attack.

    2002 called, they want their lazy worms back

  5. And this is "legal" because... by Anonymous Coward · · Score: 4, Insightful

    ... we want it to be? ... the CEO saw it in a movie? ... the check is in the mail?

    Inquiring minds want to know.