Security Hero Rotating Header Image

If a security vendor breaks into a malicious site, is it hacking?

If a security vendor breaks into a malicious site, is it hacking?

A security researcher I spoke with at the RSA Conference this week described an investigation his company had undertaken recently of a malicious Web site that had victimized dozens of people in this country and elsewhere.

A lot of the very specific details he shared about the site and how it was structured and what sort of data files it contained could have only come from him or his counterparts having broken into the site themselves. That perhaps explains why the PR folks at the company are now so anxious I don’t write anything about it until they clear everything with their legal folks.

Based on the information provided by the security vendor, the site certainly deserves to be taken offline and probably will, by law enforcement soon enough. The question is does that make the practice right? Is it okay for security researchers and vendors to break into a site, however good the justification might be, without some sort of legal oversight or permission? It’s not a particularly new question for sure, but it’s one that is becoming more important to address with cyber crooks running rampant on the Web these days.


Leave a Reply

Your email address will not be published. Required fields are marked *