- Email: [email protected]
“Legal milestone” in UK computer crime law
Vol.
service. deal with
10, No.
3, Page
9
Despite this, no contingency such an eventuality.
plans
have
been
drawn
up to
The same is said to be true of many other Government computer Of the also to fraud and hacking. systems, which are susceptible 70 installations surveyed by Sir Gordon's office, 31 were found to have inadequate back-up systems and nearly half of those failed to take action after being warned of the dangers. operations may "Without adequate computer security, Government be disrupted, public assets may be put at risk and the personal or national security confidentiality of commercial, Even the possible information might be breached", says Sir Gordon. effects of indirect action have not been planned for, says the strike by DHSS computer staff report, citing a recent eight-month which resulted in a loss of f170 million from the in Newcastle, manual processing of social security claims and the need to pay the Post Office to help handle the paperwork. In all, the report concludes that much of Whitehall's computer network is "almost defenceless" against the threats of industrial action, fraud and mechanical breakdown. The report, Computer Security in Government National Audit Office: Departments, is available from Her Majesty's Stationery Office, price E3.90.
"LEGAL MILESTONE" IN UK COMPUTER CRIME LAW
In the first case of its kind, a 32-year old computer engineer, James McMahon, appeared before Isleworth Crown Court, London, in November 1987 accused of causing criminal damage by building "logic bombs" into a client's computer system in order cause breakdowns, necessitating the victim to pay for him to rectify the faults.
to
Prosecuting Counsel, Mr David Radcliffe, told the Court that the damage was caused by the insertion of unauthorized codes into the victim's software programs. The codes, which he described as "time or logic bombs", were of three types, he said. "The first was activated by delayed automatic action, a second was planned to activate immediately and the third was a delayed action "time bomb" which defused before it activated itself." Continuing, he alleged that "the person who entered the codes must have a specialized knowledge, not only of the computer but also of the applications software and the various specialist means of development, testing and creating programs capable of responding to the designs of their author." The codes were said to have resulted in a number of breakdowns which led to the victim, Pandair Freight Ltd of Birmingham, paying a total of Cl372 for McMahon to carry out repairs, a situation which Mr Radcliffe described as "an abuse of the trust placed in him as a skilled programmer". Companies which bought very expensive computer equipment were entitled to expect their programmers not to tamper with it, he added. At the time of the alleged offences, between December 1985, the victim was using minicomputers
November and manufactured by
Q 1988 Elsevier Science Publishers B.V.. Amsterdam.ittll/$O.OO + 2.20 No part of this publication may be reproduced. stored in a retrieval svstwn. or tr,insmlttwl hx ,gn\ turm or by Cant means. electronic. mechanical, photocopymg, recording or othrrwer. without thr: pnor pttrmisswn of the publishers (Readers
in the U.S.A.
-
please see special
regulations
listed
on back covur.l
Vol.
10, No.
3, Page
10
Digital Equipment Corp. Five of the charges related to causing damage and attempting to cause damage to and systems by means of unauthorized alterations to Prosecuting Counsel said it was the first case ever Crown Court in which the act of criminal damage was introduction of a code onto a program on a computer represents an important milestone in the development criminal damage in the computer field", he said.
specifically computer disks the software. brought to alleged by the disk. "It of the law on
McMahon was also accused of obtaining the 6'1372 by deception, contrary to the Theft Act, a more usual charge in the circumstances than introducing the concept of criminal damage to the somewhat indirect act of tampering with a software program. Perhaps more than anything, the Crown's decision to test the relevance of such actions to the existing law of criminal damage, highlights yet again the need for specialized legislation on the entire subject of computer crime. STOP PRESS: On 14 December, this case was thrown out of court "unsatisfactory evidence." McHahon as cleared when the Judge ruled there was no case to answer against Pandair Flight.
YOUNG HACKERS SEND FLOWERS TO POLICE
for
The growing number of hackers in Australia include adolescents operating with a disturbing sophistication, according to Victoria Police. Two of the allegedly less sophisticated have ended up in the Melbourne Magistrates Court, charged with obtaining property by deception through computer hacking. The defendants were already on bail for other charges of obtaining property by hacking, and to add insult to injury, it was alleged that they had used the credit card numbers of Fraud Squad officers to send them A$200 worth of flowers. The credit card numbers had been obtained by an accomplice, said the pol.ice. He was even younger than the two charged at the Magistrates Court and was ordered to appear in the Children's According to the police, this youthful accomplice had Court. gained the credit card numbers and unlisted telephone numbers of the Fraud Squad officers while working at the Victoria Police He had obtained the information from a computer. Credit Union. A police officer told the Magistrates Court that a card had been attached to the flowers, signed "BT" for "Blue Thunder", He said there was also allegedly the code name of the defendants. "You should have listened, you can't get a message which read: This was in reference to the threatening phone calls made to us." The the Fraud Squad officers on the unlisted telephone numbers. charges highlighted not only the vulnerable security of the Police Credit Union computer system, but also the apparent enthusiasm with which some young Australians are taking to illegal computer entry. From its own computer industry sources, the Victoria Police has learned that some young people have illegally entered the computer systems of major Australian companies and Government Some have hacked their way into bank accounts, departments. A police airline booking systems and the Telecom service.
service. deal with
10, No.
3, Page
9
Despite this, no contingency such an eventuality.
plans
have
been
drawn
up to
The same is said to be true of many other Government computer Of the also to fraud and hacking. systems, which are susceptible 70 installations surveyed by Sir Gordon's office, 31 were found to have inadequate back-up systems and nearly half of those failed to take action after being warned of the dangers. operations may "Without adequate computer security, Government be disrupted, public assets may be put at risk and the personal or national security confidentiality of commercial, Even the possible information might be breached", says Sir Gordon. effects of indirect action have not been planned for, says the strike by DHSS computer staff report, citing a recent eight-month which resulted in a loss of f170 million from the in Newcastle, manual processing of social security claims and the need to pay the Post Office to help handle the paperwork. In all, the report concludes that much of Whitehall's computer network is "almost defenceless" against the threats of industrial action, fraud and mechanical breakdown. The report, Computer Security in Government National Audit Office: Departments, is available from Her Majesty's Stationery Office, price E3.90.
"LEGAL MILESTONE" IN UK COMPUTER CRIME LAW
In the first case of its kind, a 32-year old computer engineer, James McMahon, appeared before Isleworth Crown Court, London, in November 1987 accused of causing criminal damage by building "logic bombs" into a client's computer system in order cause breakdowns, necessitating the victim to pay for him to rectify the faults.
to
Prosecuting Counsel, Mr David Radcliffe, told the Court that the damage was caused by the insertion of unauthorized codes into the victim's software programs. The codes, which he described as "time or logic bombs", were of three types, he said. "The first was activated by delayed automatic action, a second was planned to activate immediately and the third was a delayed action "time bomb" which defused before it activated itself." Continuing, he alleged that "the person who entered the codes must have a specialized knowledge, not only of the computer but also of the applications software and the various specialist means of development, testing and creating programs capable of responding to the designs of their author." The codes were said to have resulted in a number of breakdowns which led to the victim, Pandair Freight Ltd of Birmingham, paying a total of Cl372 for McMahon to carry out repairs, a situation which Mr Radcliffe described as "an abuse of the trust placed in him as a skilled programmer". Companies which bought very expensive computer equipment were entitled to expect their programmers not to tamper with it, he added. At the time of the alleged offences, between December 1985, the victim was using minicomputers
November and manufactured by
Q 1988 Elsevier Science Publishers B.V.. Amsterdam.ittll/$O.OO + 2.20 No part of this publication may be reproduced. stored in a retrieval svstwn. or tr,insmlttwl hx ,gn\ turm or by Cant means. electronic. mechanical, photocopymg, recording or othrrwer. without thr: pnor pttrmisswn of the publishers (Readers
in the U.S.A.
-
please see special
regulations
listed
on back covur.l
Vol.
10, No.
3, Page
10
Digital Equipment Corp. Five of the charges related to causing damage and attempting to cause damage to and systems by means of unauthorized alterations to Prosecuting Counsel said it was the first case ever Crown Court in which the act of criminal damage was introduction of a code onto a program on a computer represents an important milestone in the development criminal damage in the computer field", he said.
specifically computer disks the software. brought to alleged by the disk. "It of the law on
McMahon was also accused of obtaining the 6'1372 by deception, contrary to the Theft Act, a more usual charge in the circumstances than introducing the concept of criminal damage to the somewhat indirect act of tampering with a software program. Perhaps more than anything, the Crown's decision to test the relevance of such actions to the existing law of criminal damage, highlights yet again the need for specialized legislation on the entire subject of computer crime. STOP PRESS: On 14 December, this case was thrown out of court "unsatisfactory evidence." McHahon as cleared when the Judge ruled there was no case to answer against Pandair Flight.
YOUNG HACKERS SEND FLOWERS TO POLICE
for
The growing number of hackers in Australia include adolescents operating with a disturbing sophistication, according to Victoria Police. Two of the allegedly less sophisticated have ended up in the Melbourne Magistrates Court, charged with obtaining property by deception through computer hacking. The defendants were already on bail for other charges of obtaining property by hacking, and to add insult to injury, it was alleged that they had used the credit card numbers of Fraud Squad officers to send them A$200 worth of flowers. The credit card numbers had been obtained by an accomplice, said the pol.ice. He was even younger than the two charged at the Magistrates Court and was ordered to appear in the Children's According to the police, this youthful accomplice had Court. gained the credit card numbers and unlisted telephone numbers of the Fraud Squad officers while working at the Victoria Police He had obtained the information from a computer. Credit Union. A police officer told the Magistrates Court that a card had been attached to the flowers, signed "BT" for "Blue Thunder", He said there was also allegedly the code name of the defendants. "You should have listened, you can't get a message which read: This was in reference to the threatening phone calls made to us." The the Fraud Squad officers on the unlisted telephone numbers. charges highlighted not only the vulnerable security of the Police Credit Union computer system, but also the apparent enthusiasm with which some young Australians are taking to illegal computer entry. From its own computer industry sources, the Victoria Police has learned that some young people have illegally entered the computer systems of major Australian companies and Government Some have hacked their way into bank accounts, departments. A police airline booking systems and the Telecom service.