Ethical concerns and laws related to counterattacks
United States standpoint on counterattacks
In the U.S., deploying a counterattack against a threat actor is illegal because of laws such as the
- Computer Fraud and Abuse Act of [[1986]]
- Cybersecurity Information Sharing Act of [[2015]]
Organizations may only defend their own systems. Counterattacking in the U.S. is perceived as an act of [[vigilantism]].
Because threat actors are criminals, a counterattack can also escalate the attack, causing even more damage and harm.
Lastly, if the threat actor in question is a state-sponsored hacktivist, a counterattack can have serious international implications.
A hacktivist is a person who uses hacking to achieve a political goal, such as promoting social change or civil disobedience.
For these reasons, the only individuals in the U.S. who are allowed to counterattack are approved employees of the federal government or military personnel.
International standpoint on counterattacks
The [[International Court of Justice]] (ICJ), which updates its guidance regularly, states that a person or group can counterattack if:
- The counterattack will only affect the party that attacked first.
- The counterattack is a direct communication asking the initial attacker to stop.
- The counterattack does not escalate the situation.
- The counterattack's effects can be reversed.
Organizations typically do not counterattack because the above conditions are hard to measure: there is a lot of uncertainty about what is and is not lawful, and negative outcomes can be very difficult to control.
Counterattacks generally lead to a worse outcome, especially when carried out by someone who is not an experienced professional in the field.
To learn more about specific scenarios and ethical concerns from an international perspective, review updates provided in the Tallinn Manual online.