The United States, stepping boldly into the 19th century…
What a contrast between the glorious race to the moon in the 60’s, and medicine by leeches under RFK Jr’s HHS and congresscritters wanting to bring back privateering in 2025… The Roman empire took centuries to collapse, and it only took the US 50 years. Quite stunning.
It is a bad idea. The problem is that counter-hacks don’t work.
Any somewhat decent hacker knows the secret of backups and botnets. They don’t attack using their own PCs but some random grandma’s hacked bot PC. So when you counter-hack them, you just nuke random useless bot PCs, which doesn’t harm the hacker at all. And if you manage to hack their own infrastructure, they just wipe it and upload the backup.
So what’s more likely to happen under a scheme like this is that the US hacker will likely just hack russian infrastructure or companies, so doing the same thing we hate about russia.
Also, stuff like that tends to decrease security for everyone.
You are correct, but I just want to mention that the guys operating botnets are not usually the smart ones — they’re just the skids who are have the patience to actually do social engineering and phishing, or coming up with clever stuff to hide malware in.
A lot of the time, the operators of these large networks are caught simply because they didn’t think they needed to hide the IP, MAC or Hostname of the orchestrating machine. Sometimes it is as easy as supoening the purchase records for an off-the-shelf VPS. One time, an operator was caught because a text file captured that it was encoded using a very specific country keyboard type.
That might be outdated in many cases. Botnet operators usually are infrastructure providers nowadays. Hardly anyone operates and uses a botnet at the same time. Usually you have a very professional group who create and run the botnet, and they then rent it out to another person or group who then actually use the botnet.
Getting caught is also not really the issue at hand, we are talking about counter-hacking against hackers operating from countries that don’t care about what these hackers are doing. Can’t rely on e.g. russian police to bust a group of russian hackers who hack US companies.
So finding these hackers is hardly of help, and hacking them to destroy their setups or something like that also hardly matters, since they can quickly recreate anything that was destroyed.
I mean that’s not a bad thing with the war in Ukraine unfolding.