British police issue warning to internet hacktivists

Filed Under: Denial of Service, Law & order, Social networks, Twitter, Vulnerability

New Scotland YardThe Metropolitan Police have taken the unusual step of using Twitter to send a message to anyone considering supporting internet attacks against companies and governments.

A message posted on the Met Police's official Twitter account cautioned would-be hacktivists that engaging in denial-of-service (DDoS) attacks, defacing websites or breaking into corporate databases is illegal.

In the past, hacktivists have compared their activities to legitimate civil disobedience - but such a view is not a defence if suspected hackers are brought to court.

Furthermore, the UK police warned, targeting bodies outside Great Britain does not mean that hackers cannot be prosecuted under British law.

In my opinion, it's a timely warning by the Met Police, as it comes after a series of arrests of individuals suspected of being involved in Anonymous and LulzSec hacktivist activity, most recently the charging of an 18-year-old man from Shetland alleged to be LulzSec's spokesman "Topiary".

After other Anonymous-related arrests, we have seen internet attacks against Dutch and Italian police.

Presumably the UK police are keen that "Topiary"-supporting hacktivists don't use the internet in a revenge attack.

The full warning posted by the Met Police reads as follows:

Warning from Met Police

The investigation into the criminal activity of so-called "hacktivist" groups #Anonymous and #LulzSec continues. We want to remind people of the law in this area:

The Law Against Computer Misuse

Anyone considering accessing a computer without authority should understand that such acts are unlawful and can carry a term of imprisonment.

Under UK legislation, it is an offence if a person acts from within the UK upon a computer anywhere else in the world. It is also an offence if someone anywhere else in the world to criminally affect a computer within the UK.

The Computer Misuse Act 1990 states that anyone who gains unauthorised access to (or modifies) computer material may be liable to up to 2 years in prison (Section 1). It also says that anyone who gains unauthorised access to a computer and does an act

(a) to impair the operation of any computer;
(b) to prevent or hinder access to any program or data held in a computer, or
(c) to impair the operation of any such program or the reliability of any such data;

...may be imprisoned for up to 10 years upon conviction (Section 3).

These offences cover the acts of unauthorised access to personal accounts, Distributed Denial of Service (DDOS) Attacks and intrusive hacks where data is taken or systems changed.

Other jurisdictions have similar law.

Remember folks - if you assist in a denial-of-service attack you could be looking at a lengthy jail sentence.

, , , , , , ,

You might like

20 Responses to British police issue warning to internet hacktivists

  1. Anonpanda · 1116 days ago

    the police are now actively trying to make you shut up....

    • Hudz · 1115 days ago

      Erm, no...They're trying to remind people that illegal acts are subject to prosecution. Easy to criticise the police until you're the one who needs them, different story then.
      Incidentally, here you are able to express your opinion freely...I don't see anyone trying to shut you up. Just sayin'.

      • c'mon · 1114 days ago

        DDoS = worse than rape or GBH

        Says the law via the punishments it gives.

        They should be going after violent crime etc... proper police work for the people.

        WE ALL need police.
        But the laws they are made to enforce are NOT always for the people.

        FYi . The police need to be criticized when they do bad things. (eg police brutality )
        Criticizing them is not an act of treason or criminality.

        ______________________________________________________

        ""Easy to criticise the police until you're the one who needs them""

        So if you need them , they should be able to do whatever they want , with no criticism or consequences ?

        Reality check. Police officers are human with the associated good and bad traits.

        • Hudz · 1113 days ago

          @ c'mon....
          Where did I suggest or infer that the Police should be able to do what they want without consequences or critism? Not really following your train of thought there, or the 'reality check'?
          You appear to have put words in my mouth or misunderstood the comment I posted, then gone off on your own tangent. Fair enough.

        • myname · 944 days ago

          arm everyone!!!! who is gonna pull out weapons when they have the thought that you might have one too??? help your neighbor if they don't have a weapon!!! trust your neighbors!!!! even though the they want you to think your neighbors cant be trusted while the govt's rob you in the name of security. i'm getting too angry just thinking about the wrongs the govt's have done to the people!!! i hope anon shows them they don't belong in the free internet

      • guest · 1098 days ago

        Erm... Have you ever needed the police? I have on several occasions, lost £8000 in tool thefts and have been victim of a traffic accident set up, and you know what? They have done nothing at all. It would be easy to have sympathy for the police if they did their jobs, but they simply don't. They sit monitoring the internet, spy on us and apply for more powers to be able to snipe people while real crimes are being committed with impunity.

        Just saying

      • myname · 944 days ago

        only time i need the police is ???? well, you tell me when i might need them!!!

    • anonforjustice · 1098 days ago

      Anonpanda is 100% correct. Anybody who doesnt see the increase in police presence in our lives is blind. What freedoms can we sacrifice yet? What if I support the hackers verbally, am I a criminal? Where do we draw the line between democracy and police state? I encourage everybody reading this to ask yourself these quesitons and think about how free you really are. Im sure everybody in the UK loves that CCTV.

  2. Machin Shin · 1115 days ago

    In the past, hacktivists have compared their activities to legitimate civil disobedience - but such a view is not a defence if suspected hackers are brought to court.

    In a way I do have to agree with these groups on that respect. I would like someone to explain how a DDoS attack is really different then say a sit in? In the past groups would get people together to protest by physically going to a business and just block entry to the business by the number of people there sitting around. It seems to me that a DDoS is just a modern form of this.

    I'm not saying I agree with these hacking groups nor am I saying it should be without repercussions. I just think that the laws should look at these things for what they are. DDoS attacks are an annoyance for a business just like a sit in. It is not a damaging attack like a true hacking of their servers can be. DDoS is like people protesting at your business location where actual hacking is like someone throwing rocks through your windows and looting the business. They are two totally different levels and should be treated as such.

  3. Steve · 1115 days ago

    From that statement, I guess a DDoS is not the same as a sit-in after all...

  4. They're doing their job! You know? Locking up people who break the law. If only there was a law to shut up ill-informed half-wits who support these guys!

  5. p.s. Graham, please make links in your posts open a new tab/window. It's quite handy dandy to click a link so that it loads in another tab while you read the article itself .

    • I'm afraid our web usability gurus have told us that people don't like that (because they can't press "Back")

      You can always right click on a link and open it in a new window.

    • anon · 1115 days ago

      you can always middle click, or click with your scroll wheel on mouse.. that opens the link in a new tab!

  6. I still fail to see the big deal of DDoS'ing in a huge group.

  7. Matt · 1098 days ago

    It is also Illegal to accept bribes, assault protesters and arrest people without cause.

    Nice to see that, in the view of the police, the law is subjective. If YOU do it, it is illegal. If THEY do it, it isn't. See how that works?

    Lastly, I would encourage anyone to get involved in Hacktivism. There is no difference between DDoSing someone's website and standing outside their store with a sign. Both do little to actually damage the business (taking down a website is more like ripping down a poster than throwing a rock), but draws attention to the cause. Hacktivism hasn't yet had it's day in court and is a simple expression of free speech.

  8. weaverk · 955 days ago

    @matt
    the difference with a sit in is that you are only interupting your target and yourself,
    i doubt with a DDOS you are using your own pc and accessing your target directly...
    and even so you cause incovencience to your ISP etc

    so... not the same thing, does it kill to think a little? ^^

    • Filip · 945 days ago

      huh? when you do sit in you dont impact bypassing people? dont block area around the place? So you hardly interupt only your target and self, your viewpoint is moot

      and sry but incovencience for my ISP? Huh? It is no matter to my ISP if i stream all day HD videos from youtube or I send minimum traffic to specific site.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.