It’s an ongoing battle; every year or two, there is a new policy proposal to authorize private-sector hack back and 2021 is no exception. The concept of allowing private sector entities to take cyber action against their attackers has one again been raised, this time in a bill from U.S. Senators Steve Daines and Sheldon Whitehouse.
Private sector “hack back” means non-government organizations taking intrusive action against a cyber attacker on technical assets or systems not owned or leased by the person taking action or their client. Essentially, this new bill would direct the Department of Homeland Security (DHS) to study the risks and benefits of allowing private organizations to respond in kind to cyberattacks, which is generally illegal in countries that have anti-hacking laws.