{"id":15053,"date":"2014-08-05T12:15:27","date_gmt":"2014-08-05T02:15:27","guid":{"rendered":"http:\/\/www.aspistrategist.ru\/?p=15053"},"modified":"2014-08-06T10:20:59","modified_gmt":"2014-08-06T00:20:59","slug":"vigilantism-on-the-cyber-frontier","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/vigilantism-on-the-cyber-frontier\/","title":{"rendered":"Vigilantism on the cyber frontier"},"content":{"rendered":"
Cybercrime is presenting law enforcement agencies worldwide with new and evolving legislative problems and operational challenges. Identifying and stopping nefarious online actors, many of whom are based thousands of kilometres away on foreign soil, is a challenging, endless and often thankless task. But this is now being complicated by a trend towards increasing vigilantism on the cyber frontier.<\/p>\n Frustrated by relentless and increasingly sophisticated infiltration attempts, businesses and corporate heavyweights are discussing with increasing vigour how to return fire.<\/p>\n Defence is a comparatively weak strategy in cyberspace\u2014it\u2019s only a matter of when, not if, most networks will be infiltrated. Savvy firms aware of this reality are employing several pre-emptive tactics such as planting misleading information on their own servers or creating endless rabbit holes to lure in intruders and keep them occupied.<\/p>\n Dubbed by some as \u2018active cyber defence\u2019, that approach works to raise the overall cyber resilience of companies. It\u2019s a lawful and proactive way to guard against cybercrime\u2014the equivalent of strengthening the bank vault in a Wild West town. But it must remain confined to company networks.<\/p>\n Some businesses are moving off their own servers and pursuing more aggressive, retaliatory tactics against cybercriminals. That is, they\u2019re not just hardening and hiding the vault, but actively pursuing bank-robbers. And that\u2019s creating problems for law enforcement and governments.<\/p>\n Some corporations are unhappy with strategies restricted to their own networks, deriding them as \u2018passive cyber defence\u2019. Former US Ambassador to China, Jon Huntsman, is the latest to lend his voice to the chorus, calling for more freedom to pursue stolen information through cyberspace. 
In June, campaigners were even advocating for the broad application of the Second Amendment to the online environment.<\/p>\n While \u2018hacking-back\u2019 and directly attacking cybercriminals may seem just and gratifying, that strategy is illegal in most countries and counter to the norm of a stable and crime-free cyberspace that\u2019s being pushed so vehemently by Western countries.<\/p>\n Many of the computers used to penetrate company networks are legitimate private computers that criminal organisations have hijacked to route their attacks through. Illegal botnets made up of ensnared private computers can be similarly used to automatically probe for network weaknesses.<\/p>\n Counter-attacks against those computers are extremely unlikely to help regain stolen corporate information or intellectual property and can adversely impact an innocent third party.<\/p>\n If those third-party systems turn out to be controlling critical national infrastructures or belong to major corporations, the knock-on effects and implications of any damage to those networks could be calamitous.<\/p>\n In short, any form of offensive attack, against innocent users or otherwise, has the potential to land IT departments and contractors in hot water. Any unauthorised movement into the private network of another carries significant legal implications in some countries, in particular the United States, where the intent of the user in hacking cases is irrelevant.<\/p>\n When speaking to an American Bar Association panel about hacking back, a representative of the US Justice Department explained that the first reaction of his team was \u2018Oh wow \u2013 now I have two crimes.\u2019<\/p>\n In Australia, the legislative waters surrounding hacking back are murkier. 
But as a signatory to the Budapest Convention, Australia is obligated to work with foreign governments to pursue hackers within our jurisdiction and potentially extradite them, as the treaty outlaws private retaliation.<\/p>\n We\u2019re yet to see the extradition of anyone under the convention, but it\u2019ll be interesting to see how the Australian Government would handle such a request from a foreign government, particularly if crime wasn\u2019t the primary motivation of the hacker.<\/p>\n Improving cyber resilience should continue to be a high-level goal for businesses worldwide. But countering cybercrime shouldn\u2019t come at the cost of the safety of \u2018innocent\u2019 third parties. Disruptive techniques within the realms of one\u2019s own server are acceptable, but it\u2019s when vigilantism spreads that fight to the servers of others that the Western norm of a stable cyberspace is threatened.<\/p>\n Jessica Woodall is an analyst in ASPI\u2019s\u00a0International Cyber Policy Centre. Image courtesy of Alex Eylar.<\/p>\n","protected":false},"excerpt":{"rendered":" Cybercrime is presenting law enforcement agencies worldwide with new and evolving legislative problems and operational challenges. Identifying and stopping nefarious online actors, many of whom are based thousands of kilometres away on foreign soil, is …<\/p>\n","protected":false},"author":133,"featured_media":15054,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[531],"tags":[95,484,902],"class_list":["post-15053","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security-2","tag-cyber-security","tag-private-sector","tag-vigilantism"],"acf":[],"yoast_head":"\n