"There may be some space for the private sector to conduct what in the physical domain I would call counter-battery fire, under very strict and limited circumstances," Hayden said on the possibility of private sector retaliation.
Hayden argued that the US government has been "late to need" in offering comprehensive standards for strengthening cybersecurity in the private sector. The former intelligence official is willing to entertain the concept of the private sector acting independently, saying "I am not 100 percent sure it's 100 percent wrong."
The former NSA Director acknowledged, however, that authorizing hack-backs comes with significant consequences including turning cyberspace "into a free-fire zone, which would not be beneficial to anyone."
Foreign nation states hit with a hack-back would also be more likely to blame the government of the United States as opposed to a particular company, Rogers said. This could lead to an escalation, he added, "which you [the US government] didn't start and you're not sure how you're going to settle."
Over the course of 2014, numerous US institutions have been hit with cyberattacks including financial giant JP Morgan and US federal agencies such as the State Department.
Earlier this week, US President Barack Obama proposed legislation to improve cybersecurity and enhance consumer privacy. The plan was announced following the high profile cyberattack on Sony Entertainment and a terrorist hack into Pentagon social media accounts.
