By Dr. Ann Griffiths, 8 December 2021
Government agencies in both Canada and the United States have both acknowledged publicly for the first time that they are targeting the hackers who have targeted their countries in ransomware attacks. In Canada, the Communications Security Establishment (CSE) acknowledged this week that it has conducted cyber operations against foreign hackers to "impose a cost" for the growing levels of cybercrime, most recently a ransomware attack against the healthcare system in Newfoundland and Labrador. In the United States, Cyber Command, a unit of the US military, acknowledged that it is taking steps to combat cybercriminal groups that have perpetrated attacks on American companies following ransomware attacks on Colonial Pipeline, which supplies almost half of the East Coast’s fuel, and JBS USA, one of the largest meat suppliers in the country. The US military is getting involved in what would normally be seen as a criminal matter because it sees these attacks as attacks on the critical infrastructure of the country. While we want the good guys to win, and the bad guys to be punished, this raises some issues. If the good guys do what the bad guys do to catch the bad guys, does that make the good guys bad guys? There are some pretty interesting legal and ethical grey areas.
See “Canadian spy agency targeted foreign hackers to ‘impose a cost’ for cybercrime,” https://www.msn.com/en-ca/news/other/canadian-spy-agency-targeted-foreign-hackers-to-impose-a-cost-for-cybercrime/ar-AARx8IA?ocid=msedgdhp&pc=U531
“US military hacking unit targets cyber criminals behind ransomware attacks” https://www.msn.com/en-ca/news/other/us-military-hacking-unit-targets-cyber-criminals-behind-ransomware-attacks/ar-AARxqto?ocid=msedgdhp&pc=U531
