Home / Blogs

State Hacking: Do's and Don'ts, Pros and Cons

Wout de Natris

Over the past days a lot has been said and written on counter hacking by enforcement agencies. The cause is a letter Dutch Minister I. Opstelten, Security & Justice, sent to parliament. Pros and cons were debated and exchanged. Despite the fact that I perfectly understand the frustration of enforcement agencies of having to find actionable data and evidence that gets criminals convicted in a borderless, amorphous environment, a line seems to be crossed with this idea presented to Dutch parliament. Where are we?

(Inter)national cooperation

Two things stand out for me in this discussion: information can be extremely hard to find on and around the Internet; national and international cooperation is apparently very hard to achieve.

a. Researching the Internet
The first is that it is often unclear where criminal activities, spam, hacks, espionage, etc. on the Internet really comes from. This all has to do with flaws in soft and hardware, the ease with which Internet resources can be acquired, hosting companies that specialise in bullet proof hosting and borders in the real world, that do not exist online and many, many more. Most of the options to change this lie beyond the grasp of governments, in the private realm.

b. Cooperation
The second is that national and international cooperation is very hard to establish, as the report of De Natris Consult shows. In other words receiving data and evidence from abroad takes time, effort and at times is completely impossible as some agencies and countries are not able to or flatly refuse to cooperate. People that state that this need to be bettered, are spot on, but also need to realise that this is going to take years if not decades to realise. If ever. At the same time: start working on it today, right after reading this blog post. Don't lose another second to start achieving it.

I'm not even bringing in coordination of effort between different entities at national and international level here, as it is too far beyond the reality of most people. One of the answers to a securer Internet does lie here though.

Both these approaches are in the realm of governments, so why do most not make haste to better the positions of agencies to investigate, cooperate and coordinate and their ability to have more success at what they are meant to do in the first place?

We have to conclude that the two roads presented here to a safer Internet at present do not present a solution.


So, back to hacking. The public person advocating it most loudly in The Netherlands is Ronald Prins, CEO of Fox IT, accused on Twitter by Dutch ex-parliamentarian Femke Halsmema of having a commercial interest in the matter. Whether true or not, is not really relevant here, as the idea is embraced by a Dutch minister (and his advisers). I want to go back to crossing lines. What if we reverse the subject?


In a dictatorship there are many laws that are not acceptable in a democracy. Still, they are the applicable law in those states. So here we are, hacking away and at some stage a dictatorship decides to do so also and manages to hack into a server, in this country, of a secure hosting company hosting the domain of subversive elements (free speech advocates in our vocabulary) within the dictatorship. As a result it arrests the whole organisation and executes most members after a show process. Soon after the executions the dictatorship reports the hack to the The Netherlands' government as part of an investigation on the basis of laws X and Y. This is only reciprocal, right? (I would not be surprised if this is not already standard practice, illegally, unannounced, without anyone knowing. Making it standard practise is another matter.) It's not something that a country like The Netherlands wants to see happening.


In a democracy the rule of law is the standard. If a country is to allow hacks nationally or internationally, it could only be after due judicial process before the hacking and checks afterwards. Nationally I'd say that this is and should be the standard. The law allows it or not and has obligatory, standardised procedures before it is allowed.

Internationally international law and agreements kick in immediately. The question whether a hack could ever produce actionable data and evidence is a principal one. But even if this hurdle is taken, the circumstances should be the same as nationally. Any other way the rule of law is undermined, with all the negative consequences to a democracy. So if hacks are to be allowed, not without due judicial process in The Netherlands and elsewhere. The circumstances and specifics must be very well defined, for any country wanting to go this way. A sort of last resort when all else fails.

Securing a nation

An element that I think is seriously overlooked in this discussion, is how does a country want to protect its citizens, institutions and industry from online threats? By counter hacking surely not. Even if copying actionable data and evidence from servers and computers situated abroad is to be allowed, if the criminals are active from an unwilling country, not much changes. I have more confidence in another approach, on which more at a later stage. It will take cooperation, international cooperation even.


Yes, I do believe that, under the proper circumstances, hacking could be a tool used in investigations. E.g. to determine the location of a server when this is unclear. It ought to be a sort of last resort though. If not it is going to be easier and easier for enforcement agencies to cross lines further and further, invading privacy further and deeper, "as we have nothing to hide". A descending scale. It did not work this way in the past and shouldn't in the future. Innocent until proven guilty seems to become a burden, but this is one of the bold underscores of democracy. Also in times of the Internet. Again: do not do a digital something just because you can, without discussing consequences in a serious way!

By Wout de Natris, Consultant international cooperation cyber crime + trainer spam enforcement. More blog posts from Wout de Natris can also be read here.

Related topics: Cyberattack, Cybercrime, Cybersecurity, Internet Governance, Law, Malware, Policy & Regulation, Privacy


Don't miss a thing – get the Weekly Wrap delivered to your inbox.


To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

DNS Security

Sponsored by Afilias

IP Addressing

Sponsored by Avenue4 LLC

Mobile Internet

Sponsored by Afilias Mobile & Web Services


Sponsored by Verisign

Promoted Posts

Buying or Selling IPv4 Addresses?

Discover ACCELR/8, a transformative IPv4 market solution developed by industry veterans Marc Lindsey and Janine Goodman that enables organizations buying or selling blocks as small as /20s. more»

Industry Updates – Sponsored Posts

Join Neustar's Town Hall Meeting and Help Shape the Future Of .US

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Why the Record Number of Reverse Domain Name Hijacking UDRP Filings in 2016?

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Leading Internet Associations Strengthen Cooperation

i2Coalition to Present Tucows CEO Elliot Noss With Internet Community Leadership Award

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Michele Neylon Appointed Chair Elect of i2Coalition

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

Government Guidance for Email Authentication Has Arrived in USA and UK

ValiMail Raises $12M for Its Email Authentication Service

MarkMonitor Supports Brand Holders' Efforts Regarding .Feedback Registry

Don't Gamble With Your DNS

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

New TLD? Make Sure It's Secure

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Facilitating a Trusted Web Space for Financial Service Professionals