Hacking Back in Self-Defense: Is It Legal? Should it Be? David Willson, JD, LLM CISSP, Security + - PowerPoint PPT Presentation


Presentation Transcript

Hacking Back in Self-Defense:

Is It Legal? Should it Be?

David Willson, JD, LLM

CISSP, Security +

Titan Info Security Group, LLC


Legal disclaimer

This presentation is made available for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. By viewing and participating in this presentation you understand that no attorney-client relationship is formed. This presentation and material herein should not be used as a substitute for actual legal advice from a licensed attorney in your state with whom you establish an attorney-client relationship. The ideas presented are only theories and should not be considered authorization or advice to take action and/or violate the law.



A little about my background

Summer 2010: Retired from Army – JAG/Attorney for 20 years

Licensed Attorney in NY and CT, waiving into CO.

Ten years trial work, both prosecution and defense

Ten years providing advice and support in the areas of satellite operations, information technology and security, and computer network operations

Legal advisor to IOTC, NASS, and then JFCC-NW at NSA

Just started Titan Info Security Group, LLC

Frequent speaker at security conferences: RSA, CSI, HTCIA, Int'l Cyber Crime Conf., BSides, ISSA



Background cont.

Published:

“An Army View of Neutrality in Space: Legal Options for Space Negation,”

The Air Force Law Review, Vol. 50, 2001  

“A Global Problem: Cyberspace Threats Demand an International Approach,”

Armed Forces Journal, July 2009; ISSA Journal, August 2009, lectured at CSI (as keynote) and RSA.  

“When Does Electronic Espionage Become An Act of War?” CyberPro Magazine, May 2010; ISSA Journal, June 2010; lectured at International Cyber Crime Conference.

Lectured on: “Flying Through the Cloud, Investigations, Forensics and Legal Issues in Cloud Computing,” at CSI and HTCIA; “Ethical Use of Offensive Cyberspace,” at RSA



Problem

Hackers and their Botnets plague the networks of many businesses around the world!

$115,000 stolen

$78,000 stolen

$241,000 stolen

$151,000 stolen



Coreflood botnet

Coreflood is a computer virus used to steal personal and financial information from the machines it infects and return it to the operator of the Botnet, where it can be used to steal funds, hijack identities and commit other crimes. The FBI estimates that the Coreflood Botnet enabled fraudulent transfers that cost businesses hundreds of thousands of dollars before the agency shut it down. (Govt Security News, John Mello, Jr.)



Effect of Cyber Crime (Ponemon Study 2010)



Losses (Ponemon Study 2010)



What is a bot or botnet?

Bot or web robots: software applications that run automated tasks over the Internet. The largest use of bots is in web spidering, in which an automated script fetches, analyzes and files information from web servers at many times the speed of a human. Recently bots have been used for search advertising, such as Google AdSense.

Botnet: a collection of infected computers, or bots, that have been taken over by hackers and are used to perform malicious tasks or functions. A computer becomes a bot when it downloads a file (e.g., an email attachment, malware on a website) that has bot software embedded in it. A collection of bots is considered a botnet if the bots take action on the client itself via IRC channels without the hackers having to log in to the client's computer. The typical botnet consists of a bot server (usually an IRC server) and one or more bot clients.



How a bot works

  • Botnets have different topologies or command and control (CnC) structures. Most, it appears, use a compromised server as an IRC server, referred to as the IRC daemon (IRCd).

  • Multiple bots will communicate with the IRCd via a “phone home” function.

  • Single point of failure: If the central CnC is blocked or otherwise disabled, the botnet is effectively neutered. This will become important as we get into the theory.
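As an added illustration (not part of the slides), the phone-home pattern and the single point of failure can both be seen from a defender's own egress logs: the Python below reads a constructed connection log (the log format, IP addresses and the IRC port list are assumptions), flags flows that reconnect at a near-constant interval, and names the IRC endpoint the infected hosts share, which is what to block at your own perimeter rather than on the remote server.

```python
"""Detect IRC "phone home" beacons in egress connection logs and locate the
shared CnC server, the single point of failure the slides describe."""
from collections import defaultdict
from datetime import datetime

IRC_PORTS = set(range(6660, 6670)) | {6697}   # assumed: well-known IRC / IRC-over-TLS ports

# Constructed sample log (assumed format: timestamp src dst dst_port)
SAMPLE_LOG = """\
2011-05-01T10:00:03 10.0.0.21 203.0.113.7 6667
2011-05-01T10:00:05 10.0.0.34 198.51.100.9 443
2011-05-01T10:05:04 10.0.0.21 203.0.113.7 6667
2011-05-01T10:10:02 10.0.0.21 203.0.113.7 6667
2011-05-01T10:10:09 10.0.0.58 203.0.113.7 6667
2011-05-01T10:15:03 10.0.0.21 203.0.113.7 6667
2011-05-01T10:15:08 10.0.0.58 203.0.113.7 6667
2011-05-01T10:20:01 10.0.0.58 203.0.113.7 6667
2011-05-01T10:21:44 10.0.0.34 198.51.100.9 443
"""

def parse_log(text):
    """Return (datetime, src, dst, port) tuples, skipping blank lines."""
    rows = []
    for line in text.splitlines():
        if line.strip():
            ts, src, dst, port = line.split()
            rows.append((datetime.fromisoformat(ts), src, dst, int(port)))
    return rows

def find_beacons(rows, min_hits=3, max_jitter=30.0):
    """Flows that reconnect at a near-constant interval (a scheduled check-in
    rather than human browsing). Returns {(src, dst, port): mean_gap_seconds}."""
    by_flow = defaultdict(list)
    for ts, src, dst, port in rows:
        by_flow[(src, dst, port)].append(ts)
    beacons = {}
    for flow, times in by_flow.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        if max(gaps) - min(gaps) <= max_jitter:
            beacons[flow] = sum(gaps) / len(gaps)
    return beacons

def locate_cnc(beacons):
    """The IRC endpoint that the most infected hosts beacon to is the central
    CnC; blocking it at *our* egress (no access to the remote host) neuters the bots."""
    victims = defaultdict(set)
    for src, dst, port in beacons:
        if port in IRC_PORTS:
            victims[(dst, port)].add(src)
    if not victims:
        return None
    (dst, port), hosts = max(victims.items(), key=lambda kv: len(kv[1]))
    return dst, port, sorted(hosts)
```

On the constructed log, `locate_cnc(find_beacons(parse_log(SAMPLE_LOG)))` returns `('203.0.113.7', 6667, ['10.0.0.21', '10.0.0.58'])`: two internal hosts checking in every five minutes with the same IRCd, while the HTTPS traffic from 10.0.0.34 is not flagged.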



More definitions

“Spam”

“Add-ons”

“Cookies”



Is hack back self-defense?

Yes: Timothy Mullen, chief information officer of AnchorIS Inc, says people should be allowed to neutralize one that is unwittingly spreading destructive Internet worms like "Nimda."

No: C.H. "Chuck" Chassot of the Department of Defense's Command, Control, Communications & Intelligence office says "It is the DoD's policy not to take active measures against anybody because of the lack of certainty of getting the right person."

Yes: Jennifer Stisa Granick, litigation director at the Center for Internet and Society at Stanford Law School, says "This is a type of defense of property," she said. "There is a lot of sympathy for that (kind of action) from law enforcement and vendors because we do have such a big problem with viruses."



Scenario

Business X finds malware on their networks in the form of a Bot that is receiving instructions from a host server via IRC chat.



Deterrents to hack back



Law

  • Computer Fraud and Abuse Act (CFAA)

  • A law to prevent trespass against a computer or network

  • Applies to any “protected computer”

  • “Exceeds authorized access”

  • “Computer”

  • “Damage”

  • “Loss”



Law

“Whoever intentionally accesses a computer without authorization or exceeds authorized access, and thereby XXX”



Law

“Unauthorized Access to a Computer”

“Computer Trespass”

“Self-Defense”



My theory



Legal??

  • Did you have intent to access the innocent computer or server being used as the IRC server?

  • Did you access that server without authorization?

  • Did you cause harm, alter, or in some way have a negative impact on the innocent computer?



Legal??

  • Does an infected computer impliedly grant you access to their system if their computer is causing damage to or plaguing your computer or network?

  • Wouldn’t a traditional scenario of self-defense apply in this situation?

  • Is the only driving factor imminence?



Legal??

  • Does an infected computer, whose owner's negligence allows your computer to be attacked while the attack is ongoing or imminent, give you automatic authority to defend yourself by accessing that infected computer?

  • Can the victim of a Bot attack claim that their code was automatic, used common protocols, followed the Bot into the infected server (IRCd), and blocked the Bot – did he exceed authorized access?

  • Is the only driving factor imminence?



Questions??

David Willson, JD, LLM

CISSP, Security +

Titan Info Security Group, LLC

719-648-4176

david@titaninfosecuritygroup.com

www.titaninfosecuritygroup.com

Or text me @:

50500 and text: titansecurity
