Vice or Virtue? Exploring the Dichotomy of an Offensive Security Engineer and Government “Hack Back” Policies

Date
2020-01-07
Authors
Withers, Kim
Parrish, James
Ellis, Timothy
Smith, James
Contributor
Advisor
Department
Instructor
Depositor
Speaker
Researcher
Consultant
Interviewer
Journal Title
Journal ISSN
Volume Title
Publisher
Volume
Number/Issue
Starting Page
Ending Page
Alternative Title
Abstract
In response to increasing cybersecurity threats, government and private agencies have increasingly hired offensive security experts: "red-hat” hackers. They differ from the better-known “white-hat” hackers in applying the methods of cybercriminals against cybercriminals and counter or preemptively attacking, rather than focusing on defending against attacks. Often considered the vigilantes of the hacker ecosystem, they work under the same rules as would be hackers, attackers, hacktivists, organized cyber-criminals, and state-sponsored attackers—which can easily lead them into the unethical practices often associated with such groups. Utilizing the virtue (ethics) theory and cyber attribution, we argue that there exists a dichotomy among offensive security engineers, one that appreciates organizational security practices, but at the same time violates ethics in how to retaliate against a malicious attacker.
Description
Keywords
Challenged Democracies: The Impact of Digital Government on Democracy and Democratic Institutions, attribution, ethics, hacker, offensive security, vice
Citation
Extent
10 pages
Format
Geographic Location
Time Period
Related To
Proceedings of the 53rd Hawaii International Conference on System Sciences
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International
Rights Holder
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.