Hacktivists, Tech Giants Protest Georgia's 'Hack-Back' Bill

lod123 shares a report from Threatpost: As Georgia Governor Nathan Deal considers whether to sign a controversial piece of legislation that would allow companies to 'hack back' with offensive initiatives in the face of a cyberattack, companies from across the tech spectrum are lining up to protest the measure. Also, a hacktivist group has targeted Georgia Southern University, two restaurants and a church to protest the bill. Opponents have twin beefs when it comes to Senate Bill 315: Some are questioning whether legitimizing offensive attacks will open the door to a new kind of corporate warfare; and others are concerned that the law will have a chilling effect on cyber-research by criminalizing white-hat activity like vulnerability research and pen-testing.

Google and Microsoft are in the former camp, and have asked Deal to veto the bill, which was passed by the Georgia General Assembly in March and which is nearing its deadline for signing into law. The two giants take issue with a provision in the bill that allows "active defense measures that are designed to prevent or detect unauthorized computer access." In a letter to the governor, the two argued that S.B. 315 "will make Georgia a laboratory for offensive cybersecurity practices that may have unintended consequences and that have not been authorized in other jurisdictions," and that "provisions such as this could easily lead to abuse and be deployed for anti-competitive, not protective purposes." They added: "On its face, this provision broadly authorizes the hacking of other networks and systems under the undefined guise of cybersecurity... [B]efore Georgia endorses the 'hack back' authority in 'defense' or even anticipation of a potential attack with no statutory criteria, it should have a much more thorough understanding of the ramifications of such a policy." Tripwire also filed a letter with the governor's office: "[A]ccording to the wording of S.B. 315, well-intentioned ('white-hat') researchers could be subject to civil or criminal prosecution when following industry best practices in investigating a website for protection from a potential cyber-attack. It is our firm belief that an explicit exception is required to exclude prosecution when the party in question is acting in good-faith to protect a business or their customers from attack. Without this exclusion, S.B. 315 will discourage good actors from reporting vulnerabilities and ultimately increase the likelihood that adversaries will find and exploit the underlying weaknesses."

Re:Self defense isn't a 'wrong'.

It's a perfectly sensible thing to do, regardless of how much the leftist elite of Silicon Valley and elsewhere suggest otherwise.

Actually, if it were "perfectly" sensible, then there wouldn't be a non-zero number of innocents killed in self-defense incidents despite the right-wing ravers of AM radio screaming hysterically over it. Some of them by mere accident. But others by mistaken misuse. And all too often tragic.

It's understandable why the conservative ideologues raise havoc over it, that allows them to lash out at anyone who intrudes upon their self-serving paradigm.

The political right wants the "freedom" to crush others, most especially because convincing their sycophants that there is somebody to blame for their suffering lets them turn the mobs that follow them to use their violence for their own political ends.

After al, there is a lot of power in fear, anger, and hatred. Why wouldn't they convince their devoted followers to go along with it using such propaganda? Whip the crowd up to a frenzy, start the lynchings and burn the witches on a pyre.

That's why they build memorials to the KKK after all, down in Georgia, but don't you dare reveal their viciousness.