I found this information interesting:
The presumed answer is yes! In the US alone, the Department of Justice calls hacking back “likely illegal”; the Federal Bureau of Investigation “cautions” victims against it; and White House officials call it “a terrible idea.”
But none has clearly declared it illegal. Ethics for guidance, might permit hacking back.
If cyber-attacks are a law enforcement issue, the usual solution is to let the authorities handle it.
Every one has the right to self-defense is basic and does not go away, even when help is on the way. In a home robbery, for example, it’d be reasonable to defend your family while waiting for the police, since a lot can happen in the several minutes in between.
But what if you can’t identify the attacker? What if he’s really an innocent person who accidentally stumbled into your house? These are the worries with hacking back.
Another worry with hacking back is that it may escalate a conflict: it may invite retaliations, further mayhem, and collateral damage. But this is too broad an objection, as any case of self-defense could be accused of the same provocation. Critics also worry that hacking back may destroy evidence needed for prosecution of the initial attack. Putting aside a lack of reliable prosecution against cyber-attackers in the first place.
Since ethic and Law may have been prejudged on hacking back, If there are more options when responding to cyber threats, and when we’re still grappling with the cyber domain conceptually, it may be premature to take any reasonable options off the table.