Cyber Security

Is it ethical to "hack back" after a Cyber Security breach on your own company?

PA Asked by Patrick Sullivan · 15-01-2025
0 upvotes 11,241 views 0 comments
The question

Our team recently identified the IP address of a group that has been attempting to brute-force our servers. Some of our younger devs want to "strike back" by scanning their infrastructure for vulnerabilities. Is this ever legally or ethically acceptable in the industry? We want to discourage them from coming back, but I’m worried about the legal repercussions and the potential for escalation.

3 answers

0
PA
Answered on 17-01-2025

The short answer is: Absolutely do not do it. "Hacking back" is illegal in almost every jurisdiction, including the US under the Computer Fraud and Abuse Act (CFAA). Beyond the legal risk, you have no way of knowing if the IP address you see actually belongs to the attacker; they often use compromised servers from innocent third parties or hospitals as proxies. If you "hack back," you might be attacking another victim. Your job is to defend, harden your systems, and report the evidence to the FBI or your local authorities. Leave the offensive operations to the professionals.

0
RY
Answered on 18-01-2025

Pamela, if we can't strike back, what is the best way to actively "discourage" them so they realize we are a difficult target and move on to someone else?

PA 19-01-2025

Ryan, the best discouragement is "Friction." Use Geofencing to block traffic from countries you don't do business with, implement strict rate-limiting on your login pages, and set up "Honeytokens" or "Honeypots." A Honeypot is a fake server that looks vulnerable; when an attacker touches it, you get an immediate alert and can block their real intent before they find your actual data. It’s a safe, legal way to play "mind games" with the attackers.

0
JU
Answered on 20-01-2025

Focus on your Incident Response plan. A fast, efficient recovery is the best way to prove to an attacker that their efforts are a waste of time and resources.

PA 21-01-2025

Well said, Justin. Resilience is the best defense. If you can bounce back in minutes, the attacker loses their leverage and their motivation to keep trying.

Share your thoughts

Your email address will not be published. Required fields are marked (*)

Professional Counselling Session

Still have questions?
Schedule a free counselling session

Our experts are ready to help you with any questions about courses, admissions, or career paths. Get personalized guidance from industry professionals.

Request a Call Back

Search Online

We Accept

We Accept

Follow Us

"PMI®", "PMBOK®", "PMP®", "CAPM®" and "PMI-ACP®" are registered marks of the Project Management Institute, Inc. | "CSM", "CST" are Registered Trade Marks of The Scrum Alliance, USA. | COBIT® is a trademark of ISACA® registered in the United States and other countries.

Book Free Session