Xygh Offense vs Defense
From CyberSecurity
Going on the offensive in response to a cyber-attack
- General questions: What can a counter-attack accomplish? Are there ways to reduce the collateral damage? In what situations is this an appropriate response?
- What kinds of offensive measures are available? Are they feasible? What are the effects of these attacks? Examples:
- Trace-back to identify the source of an attack (requires hacking into third-party machines)
- White worms to neutralize compromised hosts, e.g., Tim Mullen's strikeback idea
- DDOS for retaliation (is this ever a good idea?)
- Other possibilities...?
- Legal issues
- Are there legal principles or precedents (e.g., self-defense) that could justify a counter-attack?
- Legal framework: When is a counter-attack permissible? Who is allowed to do it? Do they need to collect evidence or document their actions?
- See Karnow's notes