Hack bill to allow hacked companies to "hack back"

A "hack bill", which is currently in the House of Representatives, would allow hacking victims to take certain retaliatory actions against the attackers
21 October 2017   1641

Rep. Tom Graves (R-GA-14) and Rep. Kyrsten Sinema (D-AZ-9) have introduced the Active Cyber Defense Certainty (ACDC) Act in the House of Representatives.

Active Cyber Defense Certainty Act
Active Cyber Defense Certainty Act

Known as the “hack back” bill, H.R. 4036 would amend the Computer Fraud and Abuse Act (section 1030 of title 18, United States Code) by defining the parameters within which parties defending their own computers or networks can respond to attacks by hacking the perpetrators.

Thus, if passed, the ACDC would except a hacking victim (a “defender”) “who uses a [tracking] program, code, or command” to help identify the source of a hack from prosecution under section 1030, so long as the software “originated on the computer of the defender but [was] copied or removed by an unauthorized user”. On top of that, the defender’s actions must not “result in the destruction of data or result in an impairment of the essential operating functionality of the attacker’s computer system, or intentionally create a backdoor enabling intrusive access into the attacker’s computer system".

The bill would also exclude from prosecution a defender who carries out an “active cyber defense measure,” defined as any measure by which the victim accesses an attacker’s computer to gather information that would help identify the attacker, disrupt continued hacking, or monitor the attacker “to assist in developing future … cyber defense techniques".

The ACDC would also authorize hacking victims to retrieve and destroy files stolen from them.

Finally, the bill requires defenders to notify the FBI’s National Cyber Investigative Joint Task Force of the type of breach that occurred, the intended target of the victim’s active cyber defense measures, and the steps that the victim intends to take in order to preserve evidence of the hack and prevent future attacks. 

However, probably, it's too early to be so excited.

Computer defenders should also exercise ex- 2 treme caution to avoid violating the law of any other 3 nation where an attacker’s computer may reside.

From the Active Cyber Defense Certainty Act

Thus, the ACDC also highlights that if untrained actors are authorized to retaliate against hackers, they may end up inadvertently victimizing innocent third parties. In light of this reality, the bill’s cautionary statement seemingly undercuts much of the power that the bill aims to grant hacking victims.

Switcheo to Launch Cross-Chain ETH-NEO Atomic Swaps

Developers says that the technology of atomic swaps has been known for few years, but is not popular, since its implementation in practice is quite complicated
25 April 2019   55

Switcheo announced the official launch of the atomic swaps feature for the Ethereum and NEO blockchains.

From now on, Switcheo users have access to the inter-block exchange of their own token exchange, SWTH and ETH, which allows for the transfer of assets between two markets represented on the trading platform and makes Switcheo the first decentralized exchange that implements this functionality.

A challenge with existing trustless exchanges is that trades are confined to individual blockchains, limiting the market combinations that can be offered to users” says . With the launch of the new feature, users can now trade conveniently between ETH and NEO markets, while retaining full custody of their funds.

Ivan Poon

CEO, Switcheo

According to the developers, the technology of atomic swaps has been known for several years, but is not widely used, since its implementation in practice is quite problematic. Switcheo lead developer John Wong explained that his team spent a lot of time adapting the process to the user's needs and achieved the desired result.