
Proposed "hack-back" bill could allow companies to retaliate against hackers

The bipartisan bill would direct Homeland Security to look at the risks and benefits of private sector countermeasures


A bipartisan bill is making its way through the Senate that could potentially enable private companies to take retaliatory action against cyber criminals hacking their networks.

According to The Hill, Senators Steve Daines (R-Mont.) and Sheldon Whitehouse (D-R.I.) have launched the bill, which would push the Department of Homeland Security to carry out a study on the potential benefits and risks of permitting private sector organizations to “hack back” in the event of an attack. Currently, private companies are banned from doing so.

Within 180 days of enactment, DHS would have to submit a report with its findings and recommendations. This would include which federal agencies would have oversight, the level of certainty for attribution, which entities would be allowed to act, and what safeguards would be in place. It would also identify any impacts on national security or foreign affairs.

The senators said that while only the federal government has the legal authority to take offensive action against perpetrators of cyber attacks, its responses are limited and “often fail to fully protect the American people.”

“The United States is home to some of the best and brightest technological minds in the world—we should be doing all we can to support them, not hold them back,” Daines said. “The federal government should do more to empower the private sector to directly counter cyber threats from across the globe rather than tie their hands,” he continued.

The bill was originally an amendment to the US Innovation and Competition Act after the SolarWinds hack. Despite getting Senate approval on a party-line vote, the Innovation and Competition Act was not included in this year’s science and technology package. This new bipartisan bill will stand on its own.

Senator Whitehouse said that the Colonial Pipeline ransomware attack shows why the US should “explore a regulated process for companies to respond when they’re targets.”

“This bill will help us determine whether that process could deter and respond to future attacks, and what guidelines American businesses should follow,” he said.
