Search Results for: active defense

In Defense of Microsoft’s Active Defense Against No-IP

The Microsoft take-down of malicious DNS has stirred a healthy debate. This is the sort of active defense dilemma we have been presenting on for years, trying to gather people to discuss. Now it seems to be of interest thanks to a court order authorizing a defense attempt against malware: take-over and scrubbing of name […]

Update: Putting and End to the End of Active Defense

I recently read an article, “Putting an end to ‘strike back’ / ‘active defense’ debate…”, and another it linked to, “Managing The Legal Risks Of Active Defense,” wherein my friend Bob Clark was quoted.  Here is my response:  Why in the world would we end the debate?  Security sucks and the bad guys have a […]

Putting and End to the End of Active Defense

Today jerichoattrition wrote a provocative blog post called “Putting an end to ‘strike back’ / ‘active defense’ debate…” The magic phrase offered is this: Ending the Debate In One Easy Line If a company can’t do defense correctly, why do you think they can do offense right? That simple, that logical. Security experts are fond […]

Active Defense/Hack Back and “Complete Ignorance”

Many recent articles on “Active Defense” seem to just sensationalize the topic and draw broad sweeping conclusions based on so-called experts with little research, though analysis, or seeking to help resolve the true problem, that companies today are under massive attack with little to no help.

Active Defense: Attribution is just not that important

“Active Defense” has made a lot of headlines lately. Most relate it to hack back. The main complaint or concern by those against “Active Defense” and many of those just being cautious, is that without attribution of your attacker you could be hitting an innocent bystander. I say bunk. Attribution is not that important. Read on.

Active Defense/Hack Back/Attribution – The Saga Continues

I have noticed, at least amongst lawyers, there does not seem to be much middle ground when it comes to “Active Defense” or hack back and the right of self-defense. Those who comment on it either agree self-defense exists in cyberspace, with very few in this camp, or it doesn’t, which is where the majority stand. All I ask of most is don’t simply jump to the conclusion that self-defense does not exist and “Active Defense” or hack back is illegal, but instead look at the arguments, potential fact scenarios, and definitions. Continue reading for my definition of “Active Defense.”

Active Defense: Is it time to test in court? Correcting the Record!

Here are my views on Active Defense in the context of setting the record straight on what I said in a recent Bright Talk panel discussion. Is Active Defense illegal? No! Is attribution impossible? No! And many other issues.

‘Active Defense’ will Improve Cyber Security

Lately I’ve seen many articles about “active defense” and “hack back.”  This is good because current defenses aren’t working and being in a constant state of defensive mode is not a lot of fun.  Something needs to be done.  The problem is many of these articles take a doomsday approach to the topic.  Comments like, […]

Active Defense: Moving the Discussion Forward

Hacking has gotten more prevalent. Businesses are under constant attack. Current defenses aren’t working. More options are needed. Active defense is one option and the discussion regarding the concerns needs to be started and moved forward.

Active Defense: “We are the Government; We are here to help.” Well, not so much

Is the government going to rescue your company from malicious hackers or do you need to find a way to defend your company? Active Defense could be the answer you are looking for.

Active Defense in Nature: Lions Forced into “Landscapes of Fear”

The Journal of Applied Ecology has featured a study of predator behavior based on perceived risk. …it is now well recognized that predators can impose strong top-down controls on ecosystems. What is less recognized is that even top predators live in landscapes of fear too… Lion and Human Prints by jit bag on Flickr, CC […]

2012 CONSEGI Presentation: CyberFall

I presented “CyberFall: Active Defense 2012” (PDF, Article) at the Fifth Congress International Free Software and Electronic Government – Consegi 2012. It is a matter of when, not if, your systems will be breached by attack. Many security experts argue against an active defense plan for fear of legal ramifications, harm to innocent bystanders or […]

The Fourth Bullet – When Defensive Acts Become Indefensible

At the RSA Conference Europe 2012 last week David and I explained how businesses can build a real Active Defense plan, as reported by The Register. Companies and governments are constantly under siege by hackers and malware. Standard incident response is failing and police are overstretched. Faced by these challenges, small businesses have the option […]

Hack Back is Here

In February of this year I announced at RSA SF, in my presentation on breach data and trends, that this year will mark a new era of legitimate and legal hack-back services. There is no question that self-defence has been in practice for many years and companies have provided hack-back services, but they tended to […]

Cloud Enclaves, Multitenancy and FISMA

Los Alamos National Labs (LANL) is a security research institution responsible for American nuclear deterrence. They have invested in security management practices and moved from a federal regulatory concern to an award-winning (see below) leader in security and compliance. How did the Lab get to this point? A major effort to measure risk, apply National […]

Services

flyingpenguin, a security consultancy, designs and assesses risk mitigation, compliance and response solutions, as well as delivers strategic and competitive knowledge to security software and hardware vendors. Innovation, integrity and transparency are hallmarks of our services and products: Active Defense (i.e. Legal Briefs, Response and Investigation) Application Reviews Compliance Assessment and Risk Management Consulting Digital […]

Presentations and Publications

Presentations | Sample Feedback | Publications Presentations July 2017 “Hidden Hot Battle Lessons of Cold War: All Learning Models Have Flaws, Some Have Casualties,” BSidesLV June 2017 “Managing Cloud Security Design and Implementation in a Ransomware World,” MongoDB World May 2017 “DevSecOps – Security at the Speed of Innovation,” IANS Austin “Effective Threat-Hunting Tactics and […]

American Pro-Slavery History Markers

Charlotte, North Carolina, has a history marker that I noticed while walking on the street. It is in need of major revision. Let me start at the end of the story first. A search online found a “NC Markers” program with an entry for L-56 CONFEDERATE NAVY YARD. Closer to the end of the war…tools […]

Why Do We Hack?

I’ve seen recently some weird speculations on motive of a hacker. Personally I prefer to focus on consequence because that defines our control options best. I learned to make this switch while studying the history of Vietnam War and seeking motives.(1) What motivated American leaders to kill so many people? Try reading “Advice for Soldiers […]

Cyberwar revisionism: 2008 BTC pipeline explosion

Over on a site called “Genius” I’ve made a few replies to some other peoples’ comments on an old story: “Mysterious ’08 Turkey Pipeline Blast Opened New Cyberwar” Genius offers the sort of experience where you have to believe a ton of pop-up scripts is a real improvement over plain text threads. Perhaps I don’t […]

Was Stuxnet the “First”?

My 2011 presentation on Stuxnet was meant to highlight a few basic concepts. Here are two: Sophisticated attacks are ones we are unable to explain clearly. Spoons are sophisticated to babies. Spoons are not sophisticated to long-time chopstick users. It is a relative measure, not an absolute one. As we increase our ability to explain […]

On Kristallnacht: Tom Perkins Edition

This is not exactly a post I wanted to write. I watched a general reaction to Tom Perkins, however, and felt a serious gap emerging in the news. I started to wonder who would respond with a detailed take-down of his letter. Tom Perkins is obviously wrong to compare himself to Jews persecuted under Nazi […]

infosec insights on the benghazi attack

yesterday in my presentation at UNITED Security Summit i offered to drop my presentation on defending the virtual environment and instead speak on the crisis in US foreign policy and attacks on US citizens in north africa. the audience seemed surprised but i wasn’t kidding. to strike a balance i tried to blend the two […]

Naming names, BOF and the Chinese APT

One of the great legacies of Roman Emperor Justinian the Great (527 to 565) was a uniform revision of law. It has remained the basis of civil law in many parts of the world. In his Byzantine IUSTINIANI DIGESTA of the year 533, for example, it was written: 22.3.2 Paulus libro 69 ad edictum Ei […]

NRA Attacks Lawyers

I suppose everyone now and again takes a shot at lawyers. Here’s one of my favorites: Client: “I hear your hourly rate is really expensive. If I give you $600 could you answer two questions for me?” Lawyer: “Yes. Now what’s the second question?” But the NRA might find their latest magazine cover messaging on […]