Once again, we hear rumblings of a "hack back" effort. We blogged on this before and even provided a technical schematic. The article explains:
Known in the cyber security industry as "active defense" or "strike-back" technology, the reprisals range from modest steps to distract and delay a hacker to more controversial measures. Security experts say they even know of some cases where companies have taken action that could violate laws in the United States or other countries, such as hiring contractors to hack the assailant's own systems.
A history lesson is due here. There was a similar movement by the end of the 90s. It usually ended up with companies spending many resources to eventually either take down the computer of an old lady. Its not clear, given current crime landscape, how this could lead to actually thwarting the real perpetrators. There’s also the sad Blue Frog incident, in which a bunch of geeks didn’t realize that criminals have a tendency to violence even if they are cyber criminals.
What was the Blue Frog incident? They were an Israeli anti-spam company. They installed an agent on each client machine that would automatically follow the link on spam emails, effectively creating a DoS attack against those who use spam for advertising. They went down in a big bang when spammers launched a devastating attack against their hosters and no hoster would support them.