FBI Monitoring Hacking Targets For Retaliation
An anonymous reader writes: As high profile security breaches continue to grab headlines, little is being done visibly by the government to prevent future attacks. This is prompting some victims (and potential victims) to find creative ways to stop the hackers. The FBI is now concerned that U.S. companies and institutions are themselves breaking laws by retaliating with cyberattacks of their own. "In February 2013, U.S. officials met with bank executives in New York. There, a JPMorgan official proposed that the banks hit back from offshore locations, disabling the servers from which the attacks were being launched ... Federal investigators later discovered that a third party had taken some of the servers involved in the attack offline, according to the people familiar with the situation. Based on that finding, the FBI began investigating whether any U.S. companies violated anti-hacking laws in connection with the strike on those servers, according to people familiar with the probe."
Re:dem haxx0rz (Score:4, Insightful)
Re: (Score:3)
Probably not. Any hacker with two brain cells to rub together would quietly infiltrate systems in company A, from there infiltrate Company B, C & D, rinse/repeat until sufficient layers of abstraction sit between them & their target, and then use them to attack the real target. If the response of victim X is to nuke the IPs from which the attack came, they are a) hitting the wrong entity, b) potentially destroying evidence left by the real perps, and c) probably initiating a re-retaliation from the victim of their attack.
... and so begins Internet War 1!
Re: (Score:3)
Probably not. Any hacker with two brain cells to rub together would quietly infiltrate systems in company A, from there infiltrate Company B, C & D, rinse/repeat until sufficient layers of abstraction sit between them & their target, and then use them to attack the real target. If the response of victim X is to nuke the IPs from which the attack came, they are a) hitting the wrong entity, b) potentially destroying evidence left by the real perps, and c) probably initiating a re-retaliation from the victim of their attack.
The use of jumpboxes is common when attacking targets, which is exactly what you have described. However, the idea that you just "hack back" via a DDOS isn't how it is done. Companies know that blind DDOS retaliation will only land them in hot water, so they use other methods.
A common method is a honeypot - a network segment with machines in it designed to be infected for observation purposes. Then, when activity is noticed in this network, things like trojaned PDF documents can be placed in the honey pot
Can shoot a person, can't take down a server (Score:1, Interesting)
Disabling servers from which an attack is being launched against you isn't "retaliation". That's self-defense. Now, I know that striking back at the right target isn't easy, and some "innocent" people may get hurt, but if you are being attacked, and some third party's stuff is being used to attack you, you're still not "retaliating" if you damage that stuff in an attempt to end the attack.
Re:Can shoot a person, can't take down a server (Score:5, Interesting)
I don't know, seems like in a world where cyber-weapons are routinely deployed, the right to bear arms might reasonably be construed to include cyber-weapons. Especially when you consider that, at the time of writing, the right to bear arms was pretty clearly a protection of the people's ability to effectively rebel against a lawful but non-representative government.
Of course having the right to *have* such weapons, and the right to *use* them, especially indiscriminately, are completely different things. Deploy a weapon likely to have significant collateral damage and you'd better be ready to suffer the full force of the law for the damage you do to bystanders, even if disabling the primary target was a clear-cut case of self defense.
Re: (Score:3)
No, but the Natural Laws upon which Western political thought is based do give you the intrinsic right to self preservation, right up to terminating the threat.
But not in this context. If someone shoots you today, you can't go after them with a gun tomorrow after you get out of the hospital. These actions are not self-preservation at all, just retaliatory in nature. And that is clearly defined in both the explicit statutes and case law as a no-no.
Re: (Score:2)
preemptive strike... it's how we justified Iraq war!!
clearly the cyber terrorist and terrorist state sponsors must be preemptively neutralized.
Re: (Score:3)
In most western countries you have the right to respond to an imminent threat of physical harm with appropriate force. You do not have the right to respond to, for example, property damage. Part of that "Western political thought" is eliminating the cycle of eye-for-an-eye vengeance.
Re: (Score:1, Offtopic)
The right to bear arms doesn't give you the right to actually use those arms. Just having the right to carry a gun doesn't implicitly give you the right to commit a murder (whether in self defence or not).
It does if the murdered is black. Just ask any police department in the country!
Re: (Score:2)
The police just killed an unarmed, white, middle-aged guy in PA. By the way, this wasn't the first time. I thought maybe you didn't know that, being in your racist echo chamber.
Right but there is a much better chance of the shooters at least going on trial for the murder in this case.
Re: (Score:2, Insightful)
"the right to bear arms was pretty clearly a protection of the people's ability to effectively rebel against a lawful but non-representative government."
Not really, it was said in reference to a well-regulated militia. The Point was that the founders knew very well the problems a small determined group could cause.
Anyhow, the 2 year old in Idaho who managed to shoot his mother with her own weapon had a right to bear arms too, the Constitution made no mention of age.
Re: (Score:1)
Read it again, there's a comma in there right after the word State (from the as ratified by the States and authenticated by Thomas Jefferson, then-Secretary of State):
"A well regulated Militia being necessary to the security of a free State, the right of the people to keep and bear Arms shall not be infringed."
Why the pause? I, and others, will argue is the founders recognized a State needs a military force or it won't be free for long. But that military force can be turned against the people it's supposed
Re: (Score:2)
The proper way to answer to an on-going attack is to redirect traffic to an analysis site and collect the information or go off-line. Responding to an on-going attack by an attack is not a defensive/self-defense reaction, it is an offensive reaction the site you target is then, following the same logic, completely entitled to reply to in turn. If you believe your reply is legitimate, the reply of the sites you then attack is also legitimate. You cannot pretend you have properly identified the authors when an att
Re: (Score:2)
How certain can you be that you got the right servers? How certain can other people be?
It's not clear to me that this is justified. It's too easy for it to go wrong, or to "accidentally" target someone other than the ostensible attacker.
why they are concerned (Score:5, Interesting)
They are concerned because some of these Attacks are perpetrated by the FBI/NSA/CIA.
Can't have people retaliating against their own infiltration operations...
Too bad the internet's down in North Korea, they'd be interested in this story for sure!
Re: (Score:2)
They are concerned because some of these Attacks are perpetrated by the FBI/NSA/CIA.
DDOS against US/European banks? I highly doubt that.
Too bad the internet's down in North Korea, they'd be interested in this story for sure!
Your concern for the "Democratic People's Republic of Korea" is touching.
Just like the old days... (Score:3, Funny)
An i(phone) for an i(phone) and a (blue)tooth for a (blue)tooth.
is it 4/1 already? (Score:1)
I'm not sure what else to infer from a story that implies the fbi is investigating jpmorgan for criminal activity...
Can't catch a thief? (Score:1, Insightful)
Catch the people defending themselves.
Hooray Cyberpunk! (Score:1)
And I am all for it.
Re: (Score:1)
Hack the Gibson!
Re: (Score:3)
Does anyone else feel that using the term "cyberwar" to describe this is an insult to anyone who has ever been through a real war? Insofar as there is a conflict between two or more parties, it is like a war. But that's the furthest that the analogy can be taken without it falling apart. Let's get some things straight: computers aren't people, DDoS attacks cause orders of magnitude less suffering than real war, and using a hyperbolic analogy leads to massive escalations of a conflict (e.g. Obama getting inv
Re: (Score:2)
not that i completely disagree, however just as a counter point...
If ddos is not really that bad.. suffering and all, what difference does it make if the retaliation strike is done against the perpetrator's computer? It's not a real person that's getting affected, just a computer. Or even an entire country, if it was US that retaliated, again it's just some computers mostly being used to watch porn and cat videos anyway.
Re: (Score:2)
Most DDoS attacks are launched from zombie botnets, so there's a lot of collateral damage when someone does a "retaliatory" or "self-defensive" attack. It usually misses the true perpetrator's computer.
Anyway I'm not saying that DDoS is "not really that bad". My point was more that bad analogies lead to bad conclusions. It looks to me like a disgruntled employee hacked into SPE and hurt the feelings of a few celebrities who made some shitty movie, and somehow this has resulted in two nation-states getting i
Re: (Score:2)
in unrelated news, it seems everything we declare a war on keeps getting to be a bigger issue. Poverty, Drugs, Terrorism... perhaps it's time we declared war on good health, wealth and wisdom.
Re: (Score:1)
To save you some googling: http://www.imdb.com/title/tt00... [imdb.com]
Re: (Score:2)
read the book, you know those things that burn really well at F. 451
Re: (Score:1)
Unless the people behind the attack are physically located in the US or a nation interested in prosecuting them, there is no authority to turn to, no one to track down and prosecute the offender and no hope of restitution. That is where your car analogy falls apart, as there would be no FBI to get involved.
But under your analogy, leaving cars all over Jersey streets wouldn't be the proper response. Hiring someone to find and beat the perpetrators would be the way
If the government can't defend you... (Score:5, Interesting)
...should you not defend yourself?
Re: (Score:2)
Sure. The problem is, in the absence of an impartial referee everyone can submit to without losing face, things tend to get out of hand. You think someone's been unjust to you? Retaliate! Someone might be planning to attack? Attack them first! Someone's getting dangerously powerful? Take them down while you still can!
Just look at world politics: areas with functioning hegemons, even completely impotent ones like the EU, have issues settled through legal battles, while area
Re: (Score:2)
Sure. The problem is, in the absence of an impartial referee everyone can submit to without losing face, things tend to get out of hand. You think someone's been unjust to you? Retaliate! Someone might be planning to attack? Attack them first! Someone's getting dangerously powerful? Take them down while you still can!
Just look at world politics: areas with functioning hegemons, even completely impotent ones like the EU, have issues settled through legal battles, while areas without them, like Africa, have an endless supply of militant groups. The hegemon doesn't necessarily have to be a Leviathan, to produce obedience through fear of themselves, they just need to have general recognition as the legitimate ruler so that anyone willing to defect over any particular issue is put back into line by the others for fear of anarchy.
More importantly, the article mentions using "overseas locations" to retaliate. Really all this is (or would be) doing is dirtying the water to make it harder to find out who the real malicious actors are. Better to spend your resources tracing down the exact source, or better yet on public awareness campaigns about malware (since all DDoS "attacks", and a lot of other attacks, come from compromised bystanders). Otherwise, you are just going to push your attackers on to a different group of hosts and wil
Re: (Score:2)
I'm sure the first thing people should think of when someone is shooting at them is that they should be putting more money into lobby educating people not to give guns to violent people!
Re: (Score:2)
This is exactly the situation that shipping faced in the sixteenth through eighteenth centuries: state and non-state actors alike were interdicting commerce, seizing assets, and wrecking trade. Privateers arose, working both sides of the dilemma: they were both freebooting pirates and instruments of revenge for losses incurred. Eventually people realized that the only ones profiting from that system were the pirates, precisely because they worked both sides of the issue, while everyone else suffered treme
Re: (Score:2)
Nope. The person you are attacking back against is likely another victim whose hardware has been commandeered. In this case, your attack will do nothing to harm the perpetrator and will probably harm a bystander.
If retaliation becomes the norm, then an effective method of attack amplification will be for a small entity to attack a large entity and frame the intended victim for it.
Re: (Score:2)
...should you not defend yourself?
There's also a difference between retaliation and defense.
Scenario 1: Bank is being hacked. They take down attacking server to stop the attack. That's defense.
Real world analogy: Somebody is mugging you. You punch them in the face to prevent them stealing your wallet.
Scenario 2: Bank was hacked. They take down the server that attacked them. That's retaliation.
Real world analogy: Somebody mugged you. You figure out who they are, go over to their apartment and punch them in the face.
Of course, in scenar
hahahhah oh the irony (Score:3, Interesting)
as if the FBI/CIA/NSA aren't already tools of the plutocratic multi-nationals.
i believe that the only reason they don't want them doing it on their own is that it robs the 3-letter agencies of political glory.
Re: (Score:2)
i believe that the only reason they don't want them doing it on their own is that it robs the 3-letter agencies of political glory.
So you see no downside to unregulated corporate hacking? I would have thought that someone supposedly concerned about "plutocratic multi-nationals" might have a different view. Or does this come back to the question of who's a tool?
I'm sorry (Score:2)
I know I shouldn't say it but this is completely fucking awesome. We live in a cyberpunk future!
laugh (Score:2)
Is this the same FBI that told us NK was responsible for the Sony hack?
Federal Bureau of Incompetence.
FBI (Score:1)
Is this the same FBI that told us NK was responsible for the Sony hack?
Federal Bureau of Incompetence.
I just wish we could get all the incompetence located in a single bureau. Tim S.
Re: (Score:2)
Why do you think that was incompetence rather than political maneuvering? Ask 10 people at random, and if they even know about the Sony hack, most of them will blame North Korea.
Lies, rather than incompetence, is what you should expect here until there is evidence to the contrary. (OTOH, if they were really competent, and cared, they could at least have come up with some decent evidence. My take is that they didn't care, however, rather than that they were incompetent.)
Re: (Score:1)
Sure conspiracy is an option, I've covered that multiple times here's one: http://slashdot.org/comments.p... [slashdot.org]
But here's something else to consider, getting caught at lying IS incompetence, so you see no matter how you look at it they are incompetent.
Not real hackers (Score:5, Insightful)
Re: (Score:2)
Now we have 'hacktivists' (whether you love or loathe the term) who are supposed to use their powers for perceived social good. As is often the case, the distinction is not always black and white.
Re: (Score:2)
Sorry, but the term "cracker" was only created after the media started referring to ANY computer exploit as the work of a hacker, and only publicizing the unlawful ones. It never caught on outside of a quite limited community. Give up the battle, it's time to invent a new word to mean what hacker used to mean.
Ok for them (Score:3)
but not ok for anyone else. this is what happens when governments routinely skirt the law.
Maybe if the FBI took care of them (Score:3)
the companies wouldn't have an incentive to do that.
Re: (Score:2)
The purpose of the police is to protect the state. Normally they do this by enforcing the laws in such a way that those with the power to threaten the state feel that they are more secure being supported by the state than by threatening it. Additionally they often enforce other laws that happen to be there.
Don't read this remit too narrowly. Consider it in context with "The law in its majesty forbids both the rich and the poor man from sleeping under the bridge."
Unfortunately, I have described an honest
Just like the police (Score:1)
Yep, that's law enforcement for you (Score:2)
Dog in the manger. Can't protect you, can punish you for doing anything to protect yourself.
Re: (Score:2)
you aren't hacking the one person who's hacking you, you're hacking innocents whose computers have been hijacked for the sole purpose of hacking you.
Twat.
Re: (Score:2)
You need a name for that group. Something catchy. How about "League of Nations?" Or maybe something a little more modern. "United Nations?" But United Nations sounds like everybody would get involved. So maybe you want to have a smaller group of just the most important countries, specifically addressing security problems. You could call it the "Security Council" and just have the most powerful countries on it. Plus maybe a small number of rotating seats so the rest of the world had some representati
so... what? DDOS the botnets? (Score:2)
Great idea... why didn't we think of that?
o.0