Proposed 'Hack Back' Bill Would Help Companies Hunt Down Hackers

Today’s topics include a Georgia congressman looking to breathe new life into a controversial proposed hack back bill; Google adding new anti-phishing features to Gmail; IBM and Cisco joining forces to integrate threat intelligence to improve cyber-security; and Microsoft partners readying Windows mixed reality headsets in time for the holidays.

Georgia congressman Tom Graves has made a second attempt to craft legislation that carves out legal exemptions for companies that "hack back" at attackers, posting a revised draft on May 25 that allows for beaconing technology, creates a mandatory reporting requirement and further protects against collateral damage.

The goal of the legislation, known as the Active Cyber Defense Certainty Act, is to help companies identify and take steps against online attackers.

The legislation, which has not yet been formally introduced in the U.S. House of Representatives, would allow organizations to create software that would "beacon out" and identify the IP address of an attacker and would allow the destruction of stolen data on a compromised system not actually owned by its operator.

Google has rolled out several security updates for enterprise users of Gmail. The updates include a new machine-learning-based phishing detection capability, click-time warnings for malicious links and warnings for unintended external replies.

While Google has designed these security updates with enterprise users in mind, they will become available to all Gmail users. Gmail's updated anti-phishing capability uses a new algorithm to flag and delay potentially suspicious messages.

Machine learning has already helped Gmail achieve 99.9 percent accuracy in detecting and blocking spam and phishing messages, Andy Wan, senior product manager of counter abuse technology at Google, said in a blog.

On May 31, IBM and Cisco announced a new agreement that will see the two technology giants collaborate more closely on security threat intelligence, products and services.

"Cisco and IBM have been partnering at various levels for a long time," Jason Corbin, Vice President of Strategy and Offering Management at IBM Security, told eWEEK.  "As Cisco's security portfolio has grown and as IBM's has grown, it has been really interesting to see just how complementary [the two companies’] security portfolios are," he added.

One of the areas where IBM and Cisco will now work more closely together is in sharing threat intelligence.

Microsoft planted the seeds for affordable augmented-reality and virtual-reality experiences with this spring's release of the Windows 10 Creators Update. Later this year, PC owners who pony up a little extra cash for a new Windows-compatible mixed-reality headset will finally get to see—and hear—what the fuss is about.

Intended to help push augmented reality and virtual reality into the mainstream, Windows 10 Creators Update includes software components that provide convincing virtual experiences on Windows PCs with modest specifications.

Last fall, Microsoft announced that it was working with its hardware partners on headsets with prices starting at $299. At this week's Computex 2017 trade show in Taipei, some of those hardware makers offered an early look at their headsets, which are slated to start hitting store shelves during the 2017 holiday season.