U.S. Bankers — Vigilant or Vigilantes?

Posted January 20, 2015

FBI Investigates Revenge Hacking (Illegal under U.S. Law) by Banks Seeking to Get Even With Countries or Criminals Who Hacked Them

“Vengeance is mine,” saith the Lord and the Federal Bureau of Investigation, which is looking into the possibility that some of the nation’s largest banks hacked the hackers who attacked them.

Revenge has been a storyline from Homer to Shakespeare to the American western. Now, some bankers may have been looking to make revenge a strategy for preserving a financial institution’s bottom line.

In her story on cbsnews.com, Jan Crawford sheds light on what some banks may have been contemplating (or have actually done) to retrieve stolen data, stop an impending attack or taken revenge on their cyberattackers. The following has been excerpted from Crawford’s piece and edited to fit our format. You may find her complete story by clicking on this link.

Don’t tread on me

In 2012, the U.S. government announced that Iran was behind the hacking of some of the country’s largest banking institutions. The banks soon met with U.S. officials, where, according to Bloomberg News, an individual from J.P. Morgan proposed that the banks hit back by taking down the Iranian servers.

A 30-year-old law

According to the Computer Fraud and Abuse Act, a law passed almost 30 years ago, U.S. companies cannot access external computers to overload servers to retrieve stolen information or even to stop an impending attack.

Fighting with one arm tied behind their backs

“Right now the situation is that companies are on defense,” [said Bloomberg News reporter Michael Riley.]. “They have to try and keep hackers out of their networks, and the hackers only have to win once.”

Riley said the recent Sony hack showed that the FBI can help figure out who is behind an attack and can provide a company information on how to get the hackers out of their networks, but at that point information is already compromised.

“They are incredibly frustrated, they are incredibly vulnerable, and they are looking for other options, and some of those options may be going after the hackers.”

Fending off cyberattackers could save big bucks

A recent report by McAfee estimated that hacking costs the global economy up to $575 billion annually.

Could vigilantes make things worse?

[Cybersecurity firm Fortalice CEO Theresa Payton says vigilantism could] “actually make a bad situation go from bad to a catastrophe. You have no idea what you could be taking offline. It could be an energy utility server. It could be a financial services server of a small community bank — you don’t know.”

ThreatMetrix

ThreatMetrix

close btn