Cybersecyruty firm founder wants companies to be able to ‘hack back’ against hackers

Josh Peterson Tech Editor
Font Size:

The founder of a U.S. cybersecurity firm petitioned lawmakers earlier this week to allow U.S. companies to hack back against hackers.

Chris Rouland, founder of the U.S. cybersecurity firm Endgame Systems, called on U.S. lawmakers during a panel at the Carnegie Council on Ethics in International Affair on Wednesday to allow U.S. companies to retaliate in cyberspace against their attackers, Forbes reports.

“I do think eventually we need to enable corporations in this country to be able to fight back,” said Rouland.

The U.S. defense and intelligence community, along with a number of U.S. companies, have been sounding the alarm for years about the harm hackers — state-sponsored and otherwise — cause to the U.S. economy.

Cyberattacks cost U.S. businesses $100 billion annually, according to a study published by the Center for Strategic and International Studies and McAfee in July.

Concerns over the militarization of cyberspace, however, runs deep among privacy and civil liberties advocates.

Their resistance to the House’s passage of the Cyber Intelligence Sharing and Protection Act (CISPA) in April was motivated in large part by a provision in the bill that would allow companies to legally counterattack their digital assailants.

But Rouland’s sentiments reflect a wider reality — companies are alongside governments on the front lines of modern war where cyberspace is seen by the Pentagon as a new domain of modern warfare fought by private firms.

Endgame Systems is among a number of cybersecurity firms participating in a multi-billion dollar black market where firms sell vulnerabilities in popular software to high paying customers, including Western governments. Endgame Systems’ clients include agencies in the U.S. intelligence community.

Barrett Brown — journalist, satirist and the occasional public face of Anonymous — began investigating Endgame Systems with his cybersecurity research organization Project PM after the company came to his attention through emails leaked by the hacktivist collective Anonymous in 2011.

Brown, recently placed under a federal gag order, has been jailed for over a year without a trial for, among other charges, allegedly passing along a link from Federal Bureau of Investigation (FBI) informant Hector Xavier Monsegur pertaining to a separate Anonymous hack in December 2012 against private intelligence firm Stratfor.

Brown noted in a April 2012 piece in the Guardian that, according to an investigation by Businessweek, Endgame Systems “have the capability to take out West European airports via cyber attacks (if you’ve got a couple of million dollars to pay for that).”

Prior to the late journalist Michael Hastings’ tragic death in June, Hastings had been working with Brown — a longtime friend — on another story related to what has become known as the cybersecurity-industrial-complex.

According to Kevin Gallagher, director of Brown’s defense fund Free Barrett Brown, Hastings had planned to interview Brown about Romas/COIN – an alleged classified U.S. intelligence program to conduct large-scale monitoring and analysis of social networks.

COIN is also a U.S. military acronym for counterinsurgency operations.

Hastings also emailed friends hours before he died to tell them he believed he was under investigation by the FBI.

The bureau initially denied Hastings was under investigation after the allegation was made public.

The results of a recent Freedom of Information Act (FOIA) request by Al-Jazeera, which included heavily redacted documents, proved otherwise.

Hastings’ FBI file includes a cross reference to a pending criminal investigation the bureau declined to comment upon.

This story has been updated.

Follow Josh on Twitter and Facebook