Plan to Fight Back Against Hackers Causes Stir: Page 2

(Page 2 of 2)

Sundermeier also worries that ISPs, which deal with such large amounts of network traffic, would be pummeled by the weight of counterattacks.

Erwin, however, says ISPs are already suffering.

''Intermediaries, such as ISPs, are already caught in the middle when one of their customers is engaged in, or is the target of, a network-based attack,'' he says. ''Our system empowers customers to mount a supportable response at the moment they are being attacked and their network assets are placed at risk by an attacker.''

Both Sundermeier and Ken Dunham, director of malicious code at iDefense, a security and anti-virus company, say innocent users, whether individuals or corporate users, would feel the brunt of many counterattacks.

A significant number of worms in the past several months have been geared to infect a machine and then open a backdoor that the virus author can use to remotely control that computer. Once thousands or hundreds of thousands of machines have been compromised this way, the hacker can then use this army of 'zombie' machines to send malignant waves of spam or hit a company with an aggressive denial-of-service attack. If the company under attack traced the source of the attack, it would take them back to these compromised machines.

That means a counterattack might be more likely to hit an elderly woman living in Duluth or a remote worker who didn't download the security update in time, as it would the virus author who actually infected those machines and launched the attack.

Symbiot's Erwin says those compromised computers are a part of the problem, leaving them open to response.

''When a zombied host or infected computer has been clearly identified as the source of an attack, it is our responsibility to empower customers to defend themselves,'' says Erwin. ''An infected machine, one no longer under the control of its owner, is no longer an innocent bystander.''

Dunham of iDefense disagrees.

''This is riddled with problems,'' says Dunham. ''You don't want to make it any more awful for a victim than it already is. If someone's computer has been compromised, you don't want to slam them again with a counterattack... What kind of online community would this lead to?''

Dunham adds that he'd be interested to find out what would happen if a computer on a military network was compromised and used in a denial-of-service attack. The company that launched a counterattack against that machine might find itself in a situation it hadn't expected.

Symbiot executives say they'll release more information about their product the closer they get to the release day, which is scheduled for March 31.

Want to talk about this topic? Go to our IT Management Forum: http://forums.datamation.com/forumdisplay.php?s=&forumid=1

Page 2 of 2

Previous Page
1 2

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.