background preloader

Computer Misuse

Facebook Twitter

Rehabilitation for cyber-criminals. New responses to new crimes Most readers will be more than familiar with the rapid rise in cybercrime (which now amounts to at least one sixth of all offences), and the main ways of protecting ourselves and our work organisations from cyber attacks.

Rehabilitation for cyber-criminals

We gather from the news that many hackers are young people who seem to get the same sort of excitement from their cyber exploits as previous generations of teenagers did from stealing and racing cars. Back in the day, no self-respecting Youth Offending Service was without a motor project to try to channel young men’s (most young people involved in this form of crime were male) fascination with cars into more legal activities. Now, the same sort of approach is being tried with young cyber criminals. Rehab camps Last month (July 2017), the National Crime Agency ran its first weekend camp for young computer criminals in Bristol. After the weekend, one attendee said: The skills are so transferable with this crime type.

What is the Computer Misuse Act? With the rise of personal computing devices in the 1980s and their increased prominence in businesses, lawmakers drafted fresh rules that aimed to protect the information increasingly on these machines.

What is the Computer Misuse Act?

The Computer Misuse Act (CMA) 1990 is a key piece of legislation that criminalises the act of accessing or modifying data stored on a computer system without appropriate consent or permission. It was devised after the Regina v Gold and Schifreen case of 1987, in which two hackers remotely accessed BT’s Prestel service at a trade show using the credentials of a BT engineer. The two defendants, Robert Schifreen and Stephen Gold used a technique known as shoulder surfing to ascertain these credentials, and eventually hunted down the email account of the Duke of Edinburgh, Prince Philip, once they had infiltrated the Prestel system. BT had noticed odd behaviour on the account they were using, and began monitoring this activity, before passing their intelligence to the police.

Download now. Computer Evidence - Computer Misuse Act 1990 cases. UK Information Security and Computer Laws. On this page I will touch on the key UK Information Security and Computer laws that we must keep in mind as Penetration Testers.

UK Information Security and Computer Laws

I recently had to review these Laws/Acts as part of my ongoing professional development, so thought it would be useful to create a quick page to pull them all together in a central place and write up some info on them. I have pulled content from other sources mainly Wikipedia, however I have clearly sited where used. (This is more for my own revision however someone else in my position may also find the content useful, however is still very much under construction). Computer Misuse Act 2000 The Computer Misuse Act 2000 introduces three new criminal convictions as outlined by Wikipedia (January 2017).

Data Protection Act 1998 The Data Protection Act 1998 defines 8 key principles as outlined by Wikipedia (January 2017): Investigatory Powers Act 2016 (Snooper’s Charter) Regulation of Investigatory Powers Act (RIPA) 2000 Police and Justice Act 2006. Don’t Get Caught Out by the Computer Misuse Act. Specialist IT lawyer and Head of Technology at national law firm, Clarke Willmott LLP, Susan Hall, warns that the idea of ‘hacking’ can cover a number of offences and online pranksters should be aware that what they’re doing probably won’t be considered harmless fun.

Don’t Get Caught Out by the Computer Misuse Act

Online pranks can carry serious consequences. When a journalist asked Kemi Badenoch M.P., “What’s the naughtiest thing you’ve ever done?” They probably were not expecting her to confess to a crime. However, when she admitted that “about ten years ago” she hacked into a Labour MP’s website and “changed all the stuff in there to say nice things about the Tories” that was exactly what she did. Unauthorised access to computer systems can cover hacking, as in this case, or accessing a system to which you have legitimate access for an unauthorised purpose. Hacking was criminalised in 1990 by the Computer Misuse Act (the Act). “Youthful exuberance” also looks a little hollow when applied to the 28-year-old Badenoch. Computer Misuse. Computer Misuse Businesses, government and academic institutions are increasingly reliant on the Internet for their day-to-day business, while consumers are using e-commerce more and more for purchasing goods and services.

Computer Misuse

This implies ever-increasing opportunities for hackers and virus writers to disrupt the activities of their fellow citizens. Hacking first became a prominent issue in the 1980's, with the publicity achieved by exploits such as the Internet Worm, but at that time it was not clear how law enforcement agencies could best tackle this new threat. Hackers were not causing physical damage to anyone's property; if they refrained from modifying files but simply logged on to a system without permission, it was hard to see what crime they could be committing under existing law apart from the theft of a negligible amount of electricity.

A prominent case in the UK: Two journalists discovered a password that gave them unbilled access to British Telecom's Prestel service.