While the notion of hoisting cybercriminals upon their own petard is undeniably appealing, experts in the fields of security and technology told CNBC that "hacking back" is little more than a pipe dream, as attributing a cyberattack to an exact origin is extremely difficult at best. Worse yet, it carries with it potentially dangerous consequences both at home and abroad.
"A policy of hack-back would allow the DNC or any private firm to take unilateral actions against Russian intelligence, possibly starting a cyberwar," said Anup Ghosh, founder and CEO of the security software company Invincea.
"The only thing we know for certain is what we don't know: who is behind the attacks provable in a court of law," he said.
"Attribution is nearly impossible to do perfectly, so the most likely implications would be retribution targeted against innocent third parties, whose machines were simply used as launch points without the knowledge of the owners," said Chris Finan, former White House cybersecurity director and CEO and co-founder of Manifold Technology.
"But equally important to consider would be potential violations of sovereignty that could be interpreted as acts of national aggression and could even prompt retaliatory measures against the country," said Finan.
The experts with whom CNBC spoke all had problems with the phrase "users have a self-defense right to deal with hackers as they see fit." Apart from simply being vague, it also appears to imply that victims of cybercriminals should have the right to mete out justice to the perpetrators, no matter how draconian.
"This seems to imply that people can do whatever they want to cybercriminals," said Chris Webber, security strategist at the cloud-based identity management firm Centrify. "The 'as they see fit' part raises this statement from typical rhetoric to dangerous propaganda… Since the statement is so poorly qualified, it seems any law can be disregarded when dealing with hackers. It's like saying anyone who steals your shoes can be beaten to death in the streets."
Webber wasn't fully dismissive of the platform's proposal, noting that cyber-insurance is an idea whose time may have arrived. He also conceded that the cybersecurity industry could be doing more to develop better technologies that prevent future attacks.