Report On The Ethical Dilemmas Faced By Corporate Cybersecurity

1276 Words6 Pages

The purpose of this report is to examine ethical dilemmas that confront cybersecurity professionals when considering to “hack-back” against a threat. It examines the current legal landscape regarding this issue, and possible outcomes if new suggested laws are ratified. Next it utilizes the fundamentals of computer ethics while focusing on two real world examples of “hacking-back”. In conclusion, it reaffirms the dangers of any legislation that allows for aggressive digital counterstrikes.

Introduction
The purpose of this report is to explore the ethical dilemmas faced by corporate cybersecurity professionals in the United States of America by examining the core principles of computer ethics, current legislation, and several …show more content…

Instead of focusing on the broad-spectrum of social ethics, this report will utilize Computer Ethics Institute’s Ten Commandments of Computer Ethics in analyzing the ethics of counter-hacking. The Ten Commandments of Computer Ethics is a simplistic overview of the ethical and unethical way to utilize computers. With a quick overview of Figure 1, it is easy to see that allowing U.S. corporations to counter-hack another’s computer would go against half of the listed ethical principles.
Further complicating things is the way most internet attacks work. For example, a Distributed Denial of Service (DDoS) uses the resources of generally unknowingly compromised systems. In a hypothetical scenario, a skilled hacker could use the resources of Amazon’s servers to attack another U.S. company’s servers (Himma …show more content…

The Code Red worm essentially attacked security vulnerabilities in Microsoft web servers and caused approximately 2.6 billion dollars in damages and productivity losses. In Code Red’s first iteration, it’s purpose was to send a massive DoS attack to the White House’s website. Subsequent variations of Code Red were even more damaging until a formal security patch was released to the public (Schauer). Prior to the formal patch, cybersecurity expert Herbert Hexxer wrote the code for the Code Green worm. The Code Green worm was benign in nature, but it also utilized “viral/worm” techniques while patching the Code Red worm. After considering the ethical dilemma he was in, Hexxer didn’t set his worm free to patch unknowing systems. Instead, he released the code. By releasing the code, Hexxer avoided the ethical dilemma of interfering with other people’s computer resources, or files (Carle). But, by releasing the code, Hexxer could also be on shaky ethical ground because there could be social consequences from the program he wrote. Someone with less than favorable motivation could take his security patch code and modify it for malicious

More about Report On The Ethical Dilemmas Faced By Corporate Cybersecurity