A recent news report claims that "self-help" provisions under the US law enable individuals to "take action to mitigate an obvious nuisance", thus providing a potential loophole for targets of malicious hackers to retaliate in kind.
Retaliation may involve gaining access to a "zombie" system participating in a Distributed Denial of Service (DDoS) attack and shutting down the offending process, or preventing a machine infected with a network worm from being able to propagate. "Zombies" are compromised computers that a malicious hacker is using as a pawn in a DDoS attack. Often these will be home-user systems that have been compromised months prior to being activated.
However Australia's Erhan Karabardak, senior associate and IT law specialist with Jerrard and Stuk Lawyers in Melbourne, says that Australian law doesn't allow net vigilantism and that won't be changing.
"I couldn't foresee that this kind of behaviour would ever be authorised by any law in the near future," he told ZDNet Australia .
Laws dealing with computer crimes in Australia include the Crimes Act and the Summary Offences Act.
Legal aspects aside, Karabardak says that such an approach may lead to absolute pandemonium due to malicious hackers and bored system administrators waging war with one another.
"Can you imagine if everyone who was being attacked by some script kiddy. all responded by hacking back? The incidence of hacking would just be amazing," he said.
"It could potentially lead to chaos," he added.
I have worked in criminal prosecutions for many years, and neither I, nor any competent lawyer, would waste public resources by prosecuting the type of activities discussed in this article. Practitioners of IT Law should refrain from commentating upon the criminal law, and stick to peddling snake oil...