FBI Investigates Whether Banks Hacked Back after Iranian Data Breaches

This article brings to light another wrinkle in the ongoing debate around offensive countermeasures in cyber warfare.  What role should private industry play when foreign entities attack or manipulate US commercial institutions?  Do American businesses have the right to defend themselves or retaliate when attacked?  What role can/should the federal government play in these situations?