Cyber Hunting Looms as the Next Virtual Frontier

Turning the tables on cyber marauders may be alluring as the ultimate cyber defense, but it is not without risk, according to panelists at the AFCEA/INSA Intelligence and National Security Summit being held in Washington, D.C., September 9-10. Commercial cybersecurity measures could reach beyond defense to offensive measures against cyber intruders to a limited degree, but companies must ensure they break no laws—nor rile their cyber adversaries too much.

Alex Kott of the U.S. Army Research Laboratory suggested that plenty of gray areas exist when it comes to laws limiting offensive cyber operations. Given the international nature of the cyberthreat, there are other countries where laws are different, and companies might be able to pursue activities there.

Rick Howard of Palo Alto Networks declared that the commercial sector absolutely should not be in the attack vector. “Adversaries will come roaring back” at those who pursue them aggressively, he warned. Sherri Ramsay of CyberPoint International echoed his remarks by saying that companies are very ill-equipped to take the blowback. She also warned of collateral damage, adding, “I wouldn’t want a U.S. company to take down a hospital just because it thought an attack came from there.”

Another problem would be hunting software that turns against its user. “If we develop more and more sophisticated hunting software, it will be self learning, self adapting, self evolving,” Kott pointed out. “How do we know we can trust them? How will we know these intelligent agents are not subverted by adversaries or have learned on their own something that is dangerous? This is not science fiction; it is reality,” he warned.