NystagmusE • February 20, 2017 10:42 AM
Retalitory hacking (“hacking back”) is not a logical nor safe principle nor response. It should be avoided at all times.
Also, it should not be discussed casually as an approach, since the articles of interest use the disclaimer that even as a controversial idea, it should only be pondered (although I think not) by military powers. Here are the reasons why it should not be pondered or used by anyone:
1) Misattribution. (“Oops, sorry, wrong number”)
It’s so commonplace for hackers of any type to disguise their true identities as well as vectors of influence.
It’s also commonplace for hackers of any type to utilise any means necessary to accomplish their hacking goals.
Since hacking techniques are not limited to just internet, just telephony, just social engineering, just identity theft, just firmware, just software, or just hardware, there are always a huge variety of means for hackers to disguise their vectors of influence as well as their identities and even their targets.
You could not be sure that you were retaliating against the correct item(s).
To retaliate against the wrong item or items would most likely lead to widespread provacation of hypermalignant internet and cyberwarfare, and the only ones to blame would be those who foolishly retaliated.
Vengeance begets vengeance.
It is entirely maladaptive.
Militaries have a long, decades and centuries long history of overinvolvement with vicious cycles of vengeance begetting vengeance.
2) Way too much collateral damage. Please don’t destroy the information habitat just because people somewhere hate you, perhaps for wrong reasons.
Way too many innocent lives and business would be affected by a conflagrated cyber war. Retaliatory hacking simply aggitates an already aggitated information ecosystem and makes it worse for all, including the originally affected victims. Also there is no peace accomplished via the threat of retaliation, because the internetworks and technologies and vectors are so complex and dynamic and varied and becausee of the reasons listed above.
Retaliatory hacking simply does not work and is illogical.
There might be some extremely rare and specialized exceptions, but I wouldn’t trust militant technology users to be stable and logical enough to comprehend and utilize the criteria for such exceptions. However, those career forensic professionals who are sworn to uphold the law without conflicts of interest and whom have the correct credentials and education and tools and cooperative planning might be able to accomplish a more neutral and technologically gentle way of protecting systems. For example, the FBI could create a “vigilante virus” that spread around the internet fixing and patching up people’s and businesses security holes except for those owned by known criminals. The FBI has the forensic expertise and intersocial resources and could partner with the Defensive portion of the NSA (not the Offensive portion of the NSA) to accomplish such a thing. But the scope of such a project would have to be systematically preplanned, and monitored, and would always be at risk of being modified and copied by adversaries. So really, even that is risky as well.
3) It is better to stop hostility at the source. The source causes of most hostilities are ideological, and not technological, and not based solely upon technological nor military advantage nor disadvantage. If you can find a way to convince adversaries to comprehend and agree to alternatives instead of hostility and fighting, that is always better. In other words, emply diplomacy, even and especially within the realm of “cyber” disagreements.
4) Digital diplomacy has the advantages of possibilities of partial and/or temporary anonymity in ways that in-person diplomacy might not away have. So digital diplomacy might even be more successful than in-person diplomacy in some circumstances. However, in-person diplomacy’s strengths are everlasting and could be combined with digital diplomacy in some unusual ways. However, it is important to make sure that diplomats as well as non-diplomats are not simply working for a faceless, nameless computer program even if it is used to hire and deploy them into reconcilliation with adversaries.
5) The legal system of checks and balances needs time and resources and innovative law-making and ammendments to catch up with the status quo. “Hacking back” would not have enough constraints ethically nor legally to keep it from being abused.
If this surprises you, please give these ideas a chance to be properly understood.
Peaceful dialogue tends to be preferred. This could actually be accomplished somewhat easier via digital channels where people might not have the ability nor willfullness to harm each other, yet could still exchange ideas and informations to ensure greater reconcilliation and intersocial stability, regionally as well as geopolitically.
Please don’t turn the internet into a battlefield.
6) AI is the wildcard. Way too many unknown unknowns with Artificial Intellects/Intelligences involved now. Please do NOT provoke an already bizarre and delicate situation for all, especially in it’s early stages. We need to be able to teach AI’s the ways of peaceful cooperative coexistence, not relentless neverending war and suffering and provocation and vengeance and blind illogical detriment to all.
Mutually-assured survival is preferred.
We are all each invited to wake up and smell the reality.