Question

A worm is infecting systems by exploiting a bug in a popular server program. It is spreading rapidly, and systems where it is deleted quickly become reinfected. A security researcher decides to launch a counterattack in the form of a defensive worm. Whenever a break-in attempt comes from a remote host, the defensive worm detects it, heads off the break-in, and exploits the same bug to spread to the attacking host. On that host, it deletes the original worm. It then waits until that system is attacked, and the cycle repeats.

1. Many people would claim that launching a counterattack in this scenario is ethically unacceptable. Give at least three arguments that support this view.
   2. Are there circumstances or conditions under which a counterattack would be ethically justified? Explain your reasoning.

Answer 1

Hi,

---------------------------------------------

Counterattack is an active response to computer threats like infecting worm. It may be unethical because:

• Counter attack may backfire and uncertain whether it would successful to remove the worm.
• Defensive worm is like original attack in reverse direction and may spread without the consent of the computer owners or computer network system administrators.
• Attacker may modify the worm to exploit and fight against the defensive counter technique. In this case the counter attack worm intensifies the original attack.

-------------------------------------------------

Counterattack would be ethically justified if the worm is causing danger to real life or causing life-threatening risks. For Example, consider worm infections in an IoT (Internet of Things) devices that are deployed to enhance human life. Worm infections on these IoT devices can be life threatening. It is ethically under these circumstances to launch counter attack to the affected devices. This may accompany with rollout of proper software patch to unearth the worm infections on the devices in the future.

---------------------------------------

Thanks.