During a panel at this year's RSA conference, judges and lawyers warned against companies taking the law into their own hands in cyberspace.
The presentation by judges and lawyers offered a mock trial between competing e-commerce firms. The trial was an attempt to illuminate the legality of cyber attacks carried out in self-defence. It mirrored similar cases involving Microsoft and botnet hosters.
The mock trial involved an e-commerce firm that discovered it had been hacked. Telluria, as the firm was called, was able to trace the attack back to one of its competitors. The firm then spoke with its competitor, Nevia, which said it was not responsible for the attack.
Telluria eventually hired a third-party cyber security firm that was able to discover that Nevia had been hacked and the malware on its servers was attacking Telluria.
Following the investigation, Telluria brought the information to Nevia, which responded that Telluria was wrong and that it would do nothing to correct the issue. It was with that information that Telluria took matters into its own hands and removed the controller for the malware from Nevia's systems.
Telluria's actions caused Nevia's operations to shut down and cost the firm millions in lost revenue. Nevia then took the case to court, which set off the mock trial in full.
While no verdict was given in the case, much was discussed about the real-world implications of similar cases. According to some on the panel, there is never a reasonable cause for actions similar to the ones performed by Telluria.
"I'm very sceptical of self-help. If I was general counsel I'd say that you shouldn't do that. Anytime you go down this road you don't know where it could lead," said Stephen Wu, partner at the law firm Cooke, Kobrick and Wu.
According to Wu, the best thing to do in cases similar to the one covered in the mock trial is to request a temporary restraining order (TRO) on the offending party. He said that requesting a TRO should offer a quick response time and lead to mediation between the two parties.
While Wu advised a tempered response to an attack, fellow panelist Hoyt Kesterson reported that it was common practice for companies to take cyber security justice into their own hands 30 years ago.
The senior security architect at Terra Verde Services said that in the 1980s cyber vigilantism was common practice.
"In the '80s, before the law came to the internet, people took it on themselves to respond to attacks," said Kesterson during the panel.
The mock trial was similar in scope to what Microsoft does to take down botnets. Redmond's current policy is to take over servers that are hosting botnets without the server owner's permission.
Microsoft instead takes over servers and tells the people involved to show up to court within 15 days for an explanation as to why they were shut out of their own infrastructure.