sb-as logo
Story image

Expert says Germany’s ‘hack back’ proposal is a slippery slope

09 Oct 2017

Late last week German intelligence officials urged lawmakers to grant them more legal authority to ‘hack back’ in the event of international cyberattacks.

This comes in the wake of various attacks, including the May 2015 hacking of the German lower house of parliament, the Bundestag, which German officials blamed on APT28, a Russian hacker group that is said to have ties to Moscow.

Head of the BfV domestic intelligence agency, Hans-Georg Massen proclaimed to the parliamentary oversight committee that they should be legally equipped to destroy data that is stolen from German servers and moved to foreign servers – thus preventing cybercriminals and foreign powers from misusing it.

In a similar way to which human agents are used for counter-espionage, Massen argued it would be logical to ‘infect’ foreign servers with software that would then provide for improved visibility and surveillance of any malicious operations targeted against German cyber targets.

“In the real world, it would be like turning a foreign intelligence agent and getting them to work for us ... Something like this should be possible in the cyber world too,” Maassen told the committee in its first public hearing.

“These are ‘hack back’ instruments, but they are below the threshold of destroying or incapacitating a foreign server,” Maassen said.

CEO of web security company High-Tech Bridge, Ilia Kolochenko says while at first glance a hack back concept sounds fair and reasonable, he believes it may be a slippery slope as in the digital world the counterattack principle may be very different from its common notion.

“On the Dark Web, one can easily purchase access to hacked systems of governments, law enforcement agencies and police. Cybercriminals and nation-state actors may just buy compromised systems of their rivals andup them,” says Kolochenko.

“Afterwards, genuine attackers will use an alleged breach as an excuse for well-prepared attacks on their victims. Legal questions intertwined with the hack back are much less complicated compared to practical problems we may face.”

Kolochenko asserts the solution needs to be approached with care.

“Therefore, we should rigorously conceptualise and analyse the hack back principle with the game theory in mind. Otherwise, we will unavoidably create a parade of horrors detrimental for all civilized states."

Germany’s BND chief, Bruno Kahl told the committee that its foreign intelligence agency already has the expertise to destroy foreign servers, but lacks the legal authority.

However, Kahl says at the end of the day, such decisions have to be made by politicians.

Story image
Claroty discovers vulnerabilities in Ovarro TBox RTUs
The vulnerabilities could enable attackers to break into the systems and run code, crash systems, and meddle with configuration files, amongst other malicious actions.More
Story image
Kasada launches new defenses against bot attacks
Kasada has announced the general availability of its new V2 platform in a bid to address the increasing sophistication of bot attacks.More
Story image
AvePoint brings Salesforce Cloud Backup to channel partners
The product adds to the AvePoint suite of trusted Cloud Backup for Microsoft 365 and Dynamics 365 to provide managed service providers with backup and restore capabilities across multiple, popular SaaS providers.More
Story image
ThreatQuotient hits $22.5m in new financing, continues growth streak
“Since we first invested in ThreatQuotient in 2017, their team has continued to prove to the market that there is a critical need for cybersecurity solutions aimed at security operations."More
Story image
Enterprises underutilising security tools, causing teams to burn out
The report unveiled a lack of meaningful ROI metrics when reporting on security progress, as well as disparate opinions on objectives, tool effectiveness and security awareness amongst the organisation between executives and operations on security teams.More
Link image
Virtual demo: Diagnose network cabling problems with the LinkIQ Cable+Network Tester
If you’re finding it difficult to install access points and cabling, or if you can’t pinpoint an issue with a video camera or end user, the LinkIQ Cable+Network Tester could be exactly what you need. Try a free, fully interactive demo now.More