Patrick Lin, an associate philosophy professor at California Polytechnic State University, San Luis Obispo, makes the moral case for hacking back. Heather Roff, a visiting professor at the University of Denver’s Josef Korbel School of International Studies, argues against allowing defensive hacking.
YES: If the State Can’t Offer Protection, Firms Need to Act
By Patrick Lin
Companies are suffering major financial losses from cyberattacks, and government seems powerless to do much about it. With no cavalry coming to the rescue, businesses may be morally justified in conducting cybercounterstrikes against their tormentors, even if it is technically illegal.
Here’s why.
Based on an implicit promise to protect its citizens, the state has a duty to take actions against law breakers. If the state can’t fulfill that promise, private actors can be justified in fighting back. In the days of the American frontier, individuals often had to protect themselves. Historically, nations have granted “letters of marque” authorizing citizens to defend themselves against, say, pirates and foreign enemies on the open seas.
Likewise, it may be up to victims of hacking attacks to protect themselves—including taking offensive measures such as “hacking back” when the state can’t prevent or prosecute these crimes.
Does hacking back undermine the rule of law? Arguably, the rule of law no longer exists here. It’s already undermined when malicious attackers have free rein. It’s hard to see how doing nothing helps to solve the problem.
Read the full piece at The Wall Street Journal.