Private Companies Should Never ‘Hack Back’

Kevin Mandia, chief executive of the enterprise cybersecurity company FireEye, and Chief Technology Officer Grady Summers had a lot to say about how companies are evaluating cyber risks before mergers and acquisitions, how data breaches create new liabilities, and the idea of hacked companies retaliating in cyberspace.

For years we’ve heard talk about private companies potentially retaliating against cyberattackers. Now, U.S. lawmakers are pushing the Obama administration to retaliate against Russian hackers for suspected election meddling. What should businesses keep in mind about digital retaliation?

Mr. Mandia: Any offensive cyber operations should be launched by a sovereign nation. We’ve had discussions about “hacking back” since the mid 1990s, but I can give you a bunch of reasons why it’s a bad idea for a private company: You don’t want to tamper with relationships between sovereign nations. I’ve been in rooms with companies that have been compromised and have been frustrated, and maybe one out of 100 comes up with an idea like putting something in the documents they’re stealing so the attackers’ system crashes. You might say it raises the cost to the attacker, but on the flip side you can imagine scenarios where we hack back in cyberspace and all that happens is an escalation of conditions impacting thousands of companies that’s the result of one company working on a bad judgment. And if all you want to know is “Who hacked me and why?” then you can do that without hacking back.

Should a company’s response be different if it determines it has been hacked by a nation state, or cybercriminals looking for a profit?

Mr. Summers: As a chief information security officer, I’d just use that data to inform my defenses. If I have secrets and intellectual property that is valuable to a nation state, then I...