In the face of Flame, Stuxnet, Duqu and a host of other state-sponsored malware and attacks, the kind of security most companies can mount is weak, at best. Many have gone along with the stance the Pentagon announced earlier this year, which assumes hackers will penetrate even secure networks and calls for constructing defenses based on misleading, blocking or deceiving them rather than stopping them at the firewall, according to Kenneth Minihan, former director of the National Security Agency, who spoke at the RSA security conference in San Francisco earlier this year.
Even at their worst, 'strike back' tactics are more forensics than special operations
The counterattacks are not like the "black ice" security in cyberpunk novels like William Gibson's Burning Chrome, which can strike back at attackers in lethal ways.
Many companies conduct forensic investigations designed to identify their attackers in greater detail, and with more sophisticated methods, than most law-enforcement agencies are willing to devote to the task.
Others figure it's more effective to mess with the hackers directly.
One tactic is to set up honey pots and repositories of fake data that can give attackers the idea they've hit the mother lode, only to realize later they've been mining pyrite instead.
Another is to let hackers take documents faked or booby-trapped in ways that will identify the thieves later, or reveal information about the location, ownership and possible vulnerabilities of the hackers' machines, Alperovich said.
Counterstrikes, which are almost always covert because the victimized company could end up breaking the same laws as its attackers, are still controversial among security pros.
They raise the stakes of an attack, inviting more serious counterattack, which is a losing game if the attacker is a national security agency rather than an organized crime gang.
They also raise the profile of the victimized company along with news that it has been hacked, making it a more likely target for other hackers, some security pros worry.
Before launching revenge strikes, check your corporate charter to see if you're in the revenge
Although the phenomenon is fairly new, the term is not precise. HBGary, famously hacked by Anonymous spinoff LulzSec last year after its CEO threatened to out several of its leaders, advertises "Active Defense" that is a node-by-node malware monitoring service, not an effort to strike back for a specific attack.