Crown Prosecution Service to challenge court’s decision on ‘unauthorised modification’ to system
The government is to appeal against a court ruling made last year that exposed serious holes in UK laws aimed at protecting businesses and individuals from cyber criminals.
The Crown Prosecution Service (CPS) will next week challenge the original decision made by District Judge Kenneth Grant that saw a teenager acquitted after allegedly crashing his former employer’s computer systems by sending five million emails.
During last year’s hearing at Wimbledon Magistrates’ Court, the judge ruled the teenager had not made an ‘unauthorised modification’ to systems under the Computer Misuse Act because the company’s email server had been set up specifically to receive emails.
But the CPS will argue at the Court of Appeal that deliberate acts such as distributed denial of service (DDoS) attacks should be treated as unauthorised, regardless of whether a system is set up to receive emails or data requests.
If the CPS is successful the teenager could be retried or the ruling could automatically become part of case law and used in future prosecutions.
Clive Gringras, partner at law firm Olswang, says it is critical that last year’s ruling is overturned. If the ruling were allowed to stand it could leave the UK susceptible to a growth in DDoS attacks.
‘It is a loophole that needs to be closed. DDoS and mail bombing software works by sending tiny firecrackers, rather than a big bomb, to bring down the system,’ said Gringras.
‘What is needed is a general restatement of where the legislation stands.’
If these kinds of acts are allowed to be continued unpunished, the UK could become a breeding ground for international crime gangs that use DDoS attacks to blackmail ecommerce firms, he says.
The government is also trying to strengthen computer misuse laws by introducing a clause to the Police and Justice Bill, which will explicitly classify denial of service attacks as a crime.
Institute of Directors senior policy adviser Jim Norton has welcomed the decision by the CPS. He says DDoS attacks are an increasing and worrying problem for businesses.
‘We would welcome clarification under the old law and would also like to see it tidied up with new ones,’ said Norton.
The government is to appeal against a court ruling made last year that exposed serious holes in UK laws aimed at protecting businesses and individuals from cyber criminals.
The Crown Prosecution Service (CPS) will next week challenge the original decision made by District Judge Kenneth Grant that saw a teenager acquitted after allegedly crashing his former employer’s computer systems by sending five million emails.
During last year’s hearing at Wimbledon Magistrates’ Court, the judge ruled the teenager had not made an ‘unauthorised modification’ to systems under the Computer Misuse Act because the company’s email server had been set up specifically to receive emails.
But the CPS will argue at the Court of Appeal that deliberate acts such as distributed denial of service (DDoS) attacks should be treated as unauthorised, regardless of whether a system is set up to receive emails or data requests.
If the CPS is successful the teenager could be retried or the ruling could automatically become part of case law and used in future prosecutions.
Clive Gringras, partner at law firm Olswang, says it is critical that last year’s ruling is overturned. If the ruling were allowed to stand it could leave the UK susceptible to a growth in DDoS attacks.
‘It is a loophole that needs to be closed. DDoS and mail bombing software works by sending tiny firecrackers, rather than a big bomb, to bring down the system,’ said Gringras.
‘What is needed is a general restatement of where the legislation stands.’
If these kinds of acts are allowed to be continued unpunished, the UK could become a breeding ground for international crime gangs that use DDoS attacks to blackmail ecommerce firms, he says.
The government is also trying to strengthen computer misuse laws by introducing a clause to the Police and Justice Bill, which will explicitly classify denial of service attacks as a crime.
Institute of Directors senior policy adviser Jim Norton has welcomed the decision by the CPS. He says DDoS attacks are an increasing and worrying problem for businesses.
‘We would welcome clarification under the old law and would also like to see it tidied up with new ones,’ said Norton.
Share this page
Email this page
Back to Top
Home
Edit Post
0 comments: