Hack Back Fever
As a reminder, this is the public version of the Hacking Healthcare newsletter. For additional in-depth analysis and opinion, become a member of H-ISAC.
TLP White
Welcome back to Hacking Healthcare! You will now be seeing us at a regularly scheduled time – every Tuesday morning.
Hot Links –
- Hack Back Fever – A bipartisan bill introduced in the House last week would, if passed, enable companies to take action against cyber attackers. The bill would amend the Computer Fraud and Abuse Act to prohibit prosecution of network defenders who act outside of their networks to disrupt ongoing attacks or conduct reconnaissance for purposes of attribution or network defense. The bill would require that an organization notify the FBI before taking any action – a time lag which may limit the effectiveness of disruptive defensive operations. And it would only enable defensive measures against infrastructure located in the United States (which law enforcement already can take action against). If a U.S. person (or their computers) were harmed during a hack-back, the bill would enable private action to seek damages.
There are also portions of the bill that clarify the legality of beaconing implants that might help establish attribution. This seems like firmer ground to start on as we better develop standards for attribution and increase law enforcement capacity in the U.S. and overseas.