Strike Back Gets a Lot of Lip Service, but Does Little Good

"Strike back" refers to launching a counter-offensive against cyber hackers. This can mean filing lawsuits, launching cyber espionage campaigns to gain intelligence about our adversaries, or even launching cyber attacks (sometimes automatically) against networks we think have attacked us. Most of us can appreciate the idea of striking back against attackers. This is why strike back will be a major topic of discussion in the IT security community in 2013, and we even expect to see some companies create strike back solutions.

But here's the problem with strike back - digital attacks bounce through many countries, making jurisdiction a nightmare. Criminals often gain control of victim computers, leveraging those malicious zombies in their attacks. They may plant "false flags" in their malware to trick us into thinking someone else is behind the attack. As satisfying as "strike back" may sound, counter-attacking IP addresses we believe have attacked us will - more often than not - just take out some unsuspecting victim's computer, and likely break local laws in the process. In the end, strike back will cause more trouble than it's worth, and probably won't be implemented in most organizations.