Share this page!

Jordan A. Brunner Profile picture
Twitter logo
17 Jul, 12 tweets, 7 min read
THREAD: The Biden admin has been quietly trying to address the ransomware problem w/ a new interagency task force, per @politico. The headline mentions #hackingback, but the story doesn't give much detail about that idea or its history. Allow me . . .
politico.com/news/2021/07/1…
2/ "Hacking back" is a colloquial term used for offensive measures in cyberspace. Think of it like a spectrum, with stationary defenses (i.e., firewalls) on one side, and more agressive tools (i.e, wiping data) on the other. Hacking back falls closer to the latter category.
3/ More detail here spfusa.org/research/gray-…
4/ Hacking back has been kicked around as a potential solution to cyber intrusions since at least 2017, when @RepTomGraves & @SenatorSinema introduced the Active Cyber Defense Certainty Act, providing exceptions to the CFAA. Graves reupped it in 2019. congress.gov/bill/115th-con…
5/ H/T to @BobbyChesney, who has covered these legislative proposals to revise the CFAA and allow for/encourage #hackingback extensively for @lawfareblog.
lawfareblog.com/hackback-back-…
6/ Others have looked at it from an international law perspective. @RosenzweigP has examined the international law implications using a letter of marque and reprisal regime, among other legal tools, as has . . .

papers.ssrn.com/sol3/papers.cf…
7/ . . . former GC of the Air Force/Space Force Thomas Ayres, who recently argued that we should treat hackers as pirates on international waters.
wsj.com/articles/a-mar…
8/ The "hackers as pirates" idea become more prominent lately, which makes sense - hackers & pirates have similar motivations, use similar tactics, and both can be used as proxies to asymetrically benefit State actors (i.e., Russia, China).
9/ And it has gained key support. Last month, @CyberDASD agreed w/ the above analogy: "I’ve actually been thinking a lot about . . . international law and piracy as it relates to cybersecurity, and I think it’s a very instructive one for us as a nation.”
armed-services.senate.gov/hearings/to-re…
10/ The military began to adopt this active defense/#hackback stance a few years ago with it's now settled "Defend Forward," posture, as @CYBERCOM_DIRNSA & @sultanofcyber laid out last year.
foreignaffairs.com/articles/unite…
11/ And the FBI is getting better at working w/ companies to attribute and take action against hackers, as they did when they clawed back millions from the Colonial Pipeline ransomware intrusion.
cnbc.com/2021/06/07/us-…
12/ The @WHNSC will still need to think through all the escalation implications related to allowing private actors to take on governmental authority in cyberspace. But it seems like #hackingback is a permanent part of the conversation. [End]

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Jordan A. Brunner

Jordan A. Brunner Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @JABrunner88 has new unrolls!

Check out other threads from @JABrunner88!

Read all threads by @JABrunner88

:(