COMPUTER security managers trying to keep hackers out of their networks may
be breaking the law if they use an aggressive new breed of program that mounts a
counterattack against intruders.
Most networks that have links to the outside world are protected by a
combination of hardware and software known as a 鈥渇irewall鈥, which simply blocks
unauthorised access. But now a company called the FutureVision Group, of Santa
Fe, New Mexico, has unveiled a security system it calls Blitzkrieg, which is
designed to retaliate against hackers. The program was developed by a former
physicist, Laurence Wood, who says it applies aspects of complexity theory and
insights into how biological systems self-organise.
Blitzkrieg is installed on a central server, from where it places small
鈥渄aughter鈥 programs on machines that are part of the network it is meant to
protect. Each of these programs monitors its host computer, and builds up a
profile of the normal pattern of data traffic. Once the system has learnt this
profile, the server will alert security staff to any unusual activity.
Advertisement
Wood says the software can detect subtle changes in network use that can even
reveal damaging programs hidden inside harmless data, which may infiltrate a
network over a period of days. 鈥淚t鈥檚 very good at cross-correlating a large
number of complex events,鈥 he told 快猫短视频. FutureVision plans to
demonstrate the software next month at the TechNet International `98 conference
in Washington DC.
The company says it has developed separate military and business versions of
Blitzkrieg. According to Wood, the military version is designed to wage
information warfare by launching virus-type attacks against a hacker in an
attempt to destroy data on the intruder鈥檚 computer.
Wood says the company is also producing a less aggressive business version
that wards off likely attacks. These include a common type of assault, called a
denial-of-service attack, which attempts to knock a server offline rather than
steal files.
Alistair Kelman, a British lawyer who specialises in IT law, warns that
legislation in Britain and the US makes it illegal to damage other people鈥檚
computers, even in self-defence. 鈥淵ou are not entitled to go for vigilante-type
gestures,鈥 he says. Kelman says that the danger that the system might retaliate
against the wrong people, or those who have simply made a mistake, would
probably rule out any widespread use.
Phil Cracknell, a consultant at security company Zergo, in Basingstoke,
Hampshire, says that any security managers contemplating a counterattack would
have to be sure they were being hacked before acting. 鈥淚t would have to be a
definite and persistent attack before you would get away with it,鈥 he says.
鈥淰erifying that it鈥檚 a hacking incident rather than just a mistake can be very
诲颈蹿蹿颈肠耻濒迟.鈥
Cracknell says that Zergo has developed its own anti-hacking software that
simply drops the line between the hacker and the target computer, rather than
fighting back aggressively.