The poor state of security on the Internet calls for more effective ways to protect networked systems from attacks. One solution is to be able to counter attack with offensive capabilities. With attacker information available, companies find themselves in a dilemma - counter attack for immediate self-defense, retaliate for future deterrence, inform the appropriate law enforcement authorities, or do nothing. We examine justification for the hack back self defense and deterrence arguments in the context of current technology and legal framework This paper extends discussion of issues surrounding using offensive capabilities for defensive purposes to the civilian/commercial Internet context beyond information warfare.
展开▼