Should Companies Under Cyber Attack Fight Fire With Fire?

Updated on

US retailers have been under attack by hackers and the size and range of these breaches raises serious questions about cybersecurity in the corporate world.

Perpetrators of cyber attack always one step ahead

“Hackers are one step ahead of corporations when it comes to data security systems,” says Dr. Trevor Nagel, Head of White & Case’s Global Sourcing and Technology Transactions Group. “As a result, companies need to start reconsidering their approach to data security as many have locked-in last-generation, “egg-shell” security systems. Security has moved on in the era of virtualization and cloud computing and many businesses have data security providers that are one step behind. Businesses need to demand that their providers offer more sophisticated security systems or they will be at risk.”

Unfortunately, not every company is exploring what they can do to improve their security, Nagel adds.

“It doesn’t necessarily cost a lot of money to upgrade your security infrastructure, but most businesses have been reluctant to change security providers, because they may still believe that they have adopted “best practices” and they have “outsourced” this function to their IT provider,” he says.

How far should companies go when provoked?

Nagel thinks companies should consider supplemental security systems such as application-oriented security or what is often referred to as “outerwear.” These recent large-scale corporate security breaches have enhanced the debate around “hacking back”: using hacker-like techniques and instituting countermeasures to thwart cyber attacks. Does a company have the right to retrieve its stolen data? Among other tactics some companies are considering:

• “Data beaconing,” which enables one to trace information that has been stolen
• “Honeypots,” which consist of some information technology (IT) and data that appear to be part of a valuable network, but the IT is actually isolated and monitored, the information has no value, and the company is able to collect certain coordinates about the hacker attempting to extract the “sweets”

“While identifying and exposing hackers, and potentially crippling the hacker’s operations may be justifiable and even satisfying in a Dirty Harry fashion, companies contemplating “hacking back” need to consider potential legal exposure and be mindful that these activities may incite hackers frustrated by such measures to hit even harder,” Nagel says. “Perhaps for now, there is a need to be more vigilant rather than a vigilante.”

Leave a Comment