Hack-Back
What is Hack-Back?
Hack-BackOffensive retaliatory action by a private victim against an attacker's infrastructure, generally illegal under most national computer-misuse laws.
Hack-back, sometimes called active cyber defense outside one's own perimeter, refers to private entities counter-attacking adversary infrastructure to retrieve stolen data, disable a botnet, or destroy malware. In nearly all jurisdictions, including the United States (CFAA), the European Union, and the United Kingdom (Computer Misuse Act 1990), unauthorised access to a third-party system is unlawful — even when that system was used to attack you. Proponents argue hack-back deters attackers and recovers losses; opponents warn of attribution errors, collateral damage to innocent hosts, escalation, and the lack of judicial oversight. Most regulators and frameworks recommend pursuing law-enforcement, takedown providers, and active defense within owned assets instead.
● Examples
- 01
Private firm wipes data on a foreign server believed to host stolen intellectual property.
- 02
Victim deploys a remote-access trojan against a phishing kit's command-and-control server.
● Frequently asked questions
What is Hack-Back?
Offensive retaliatory action by a private victim against an attacker's infrastructure, generally illegal under most national computer-misuse laws. It belongs to the Defense & Operations category of cybersecurity.
What does Hack-Back mean?
Offensive retaliatory action by a private victim against an attacker's infrastructure, generally illegal under most national computer-misuse laws.
How do you defend against Hack-Back?
Defences for Hack-Back typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Hack-Back?
Common alternative names include: Counter-hacking, Offensive countermeasures.