hackback – Noise https://noise.getoto.net The collective thoughts of the interwebz Sat, 01 Nov 2025 16:07:25 +0000 en-US hourly 1 https://wordpress.org/?v=6.8.2 On Hacking Back https://noise.getoto.net/2025/11/12/on-hacking-back/ Wed, 12 Nov 2025 12:01:53 +0000 https://www.schneier.com/?p=71128 Former DoJ attorney John Carlin writes about hackback, which he defines thus: “A hack back is a type of cyber response that incorporates a counterattack designed to proactively engage with, disable, or collect evidence about an attacker. Although hack backs can take on various forms, they are—­by definition­—not passive defensive measures.”

His conclusion:

As the law currently stands, specific forms of purely defense measures are authorized so long as they affect only the victim’s system or data.

At the other end of the spectrum, offensive measures that involve accessing or otherwise causing damage or loss to the hacker’s systems are likely prohibited, absent government oversight or authorization. And even then parties should proceed with caution in light of the heightened risks of misattribution, collateral damage, and retaliation...

]]>