

Offensive "Hack Back" Actions are High-Risk - jessaustin
http://www.honeynet.org/node/1004

======
jessaustin
"Any company that cannot discover an intrusion for a year sufficiently knows
neither themselves, nor their enemy, and is not in a strong position to win a
battle by going on the offensive against them."

Well that makes sense. If you've been pwned, it's likely that there are many
aspects of the situation you don't understand, even after you realize the fact
of your pwnage. Who can say that your "offensive" actions aren't exactly what
your opponent desires, as he has led you to take part in his attacks on other
victims? Do you consent that those victims "hack back" against your assets in
response to your misguided actions?

It seems like we've heard about this sort of tactic for some time. It's like
many other proposed IT "solutions" in that it's much easier to market than to
provide.

