Monday, October 16, 2017

New bill allows "hacking back"?!?!



Apparently, yes

According to thehill.com:
Reps. Tom Graves (R-Ga.) and Kyrsten Sinema (D-Ariz.) introduced a bill Friday that would allow hacking victims to "hack back" when attacked.
The Active Cyber Defense Certainty Act allows individuals and companies to hack hackers if the goal is to disrupt, monitor or attribute the attack, or destroy stolen files.
“While it doesn’t solve every problem, [the legislation] brings some light into the dark places where cybercriminals operate,” Graves said in a statement.
“The certainty the bill provides will empower individuals and companies [to] use new defenses against cybercriminals,” he said. “I also hope it spurs a new generation of tools and methods to level the lopsided cyber battlefield, if not give an edge to cyber defenders.”
The bill does not allow counterattackers to destroy anything other than their own stolen files and requires that someone "hacking back" under the bill's provisions notify the FBI National Cyber Investigative Joint Task Force. (more...) http://thehill.com/policy/cybersecurity/355305-hack-back-bill-hits-house
Well, rumor is that there are commercial companies that are already close to doing this, and doing it well, but want to be able to CYA if things go non-linear (read: hit the press), and the snippet above says they "notify the FBI National Cyber Investigative Joint Task Force". This means it's not allowing every script kiddie or wannabe to become legal, as if these jokers would wait for permission anyway.

They've been talking about it for a while now, so I wouldn't be surprised if it really goes through. It won't change things for mature companies - attribution is still hard, and ops are risky.

PS.  Not data security, but as the Trump meltdown continues, thehill.com has a great article http://thehill.com/opinion/white-house/355569-juan-williams-trump-is-becoming-a-failed-president

