“Hackback”: A New Approach

Today we read about the likely death in a drone attack of an ISIS hacker/warrior/cyber-jihadist:

http://www.forbes.com/sites/seanlawson/2015/09/12/with-drone-strike-on-isis-hacker-u-s-escalates-its-response-to-cyber-attacks/

In the infosecurity world, we’ve heard for years about the idea of “hackback“, basically an offensive response to an offensive action. Every couple of years this idea comes back around as someone gets frustrated with feeling like the attackers have all the advantages (and fun) and wants to take the fight back to them.

It’s an understandable idea. And, in some measured cases may even make sense. But as a blanket rule, no it’s not a good idea.

This latest development shows that “hackback” doesn’t need to be contained to computer tactics: a physical or kinetic response is just as (if not more) effective.

The bigger story though is how this shows that the idea of “infosecurity” is more and more an empty concept and that it’s all just “security”.