A (former) security guy at Sandia Labs, Shawn Carpenter, was fired for “backhacking” systems that he detected attacks from. “Backhacking occurs when networks are attacked and someone on the hacked network responds with a counterhack or attack.” Even though he was cooperating with the FBI and Army Research Lab on the investigations, Sandia did not approve and ordered him to stop. He didn’t stop, so they fired him, and then he sued. Mr. Carpenter must have a damn good lawyer, because he won a $4.3 million judgment, largely in punitive damages. I’m a bit torn by that verdict. Although I admire him for detecting the attacks and trying to defend against them, actually backhacking was probably not a good idea. After all, that puts the liability on his employer, which clearly was not willing to accept it in this case.
For some more background on Shawn and this case, check out his Wikipedia entry.