US Lawmakers Propose "Hack Back" Law to Allow Cyber Retaliation Without Permission of Third-Party Country
US legislators are proposing new legislation that would empower US cyber defenses to hack back at cyber aggressors, even if they”re using a third-party country”s infrastructure, without the explicit consent of the respective country.
The National Defense Authorization Act would also create a new cyber entity with the technology and skills to strike back at cyber aggressors, namely China and Russia, that seek to disrupt US critical infrastructure or weaken its cyber resilience. If approved, the bill not only let the US military “hack back” at aggressors, but also creates a “Cyberspace Solarium Commission” whose purpose is to propose and implement strategic cyber defenses that augment the United States” resilience towards cyber-attacks.
“The committee recommends a provision that would authorize the National Command Authority to direct the Commander, U.S. Cyber Command (CYBERCOM), to take appropriate and proportional action through cyberspace to disrupt, defeat, and deter systematic and ongoing attacks by the Russian Federation in cyberspace,” reads the proposed bill. “The provision would also authorize the Secretary of Defense to conduct, through the Commander, U.S. Cyber Command, surveillance in networks outside the United States of personnel and organizations engaged at the behest or in support of the Russian Federation…”
The Cyberspace Solarium Commission, which would be comprised of 13 people with knowledge and expertise both in national security and cyber security, would also be tasked with evaluating adversarial strategies and allocating resources for defending against offensive strategies.
“The Commission would weigh the benefits and costs of various strategic frameworks (e.g., deterrence, normsbased regimes, and cyber persistence), evaluate the sufficiency of the current allocation of resources in cyberspace, and consider potential realignments in governmental structure and authorities,” reads the proposed bill. “The Commission would have broad authorities to hold hearings, request information from government entities, subpoena witnesses, and contract out taskings.”
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor
August 30, 2022
What is medical identity theft and how to protect against it
July 27, 2022
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022