Earlier this week I blogged about a secondary school student who had been arrested after a distributed denial-of-service (DDoS) attack against websites in Vietnam.
Word has just reached me via local media reports that the authorities have allowed the student from the central province of Quang Nam to get off with little more than a slapped wrist.
An official from C15, the country’s hi-tech crime unit, is quoted as saying “The young hacker did not recognise that his attack was against the law. Moreover, this is the first time that he has made this mistake. So the police will not launch criminal proceedings against him.”
‘The website of Bach Khoa Antivirus (BKAV) was brought down by the DDoS attack.
So, just to be clear. The student did know enough about computers and the internet to spread viruses via USB flash drives to computers in internet cafes (and get his friends to help him with the scheme), and spread the malware via email and instant messaging. He also did know enough to take over some 1,000 compromised PCs and use them as a botnet to launch a crippling DDoS attack against BKIS (the makers of BKAV, a Vietnamese anti-virus product), shopping forums and an IT training group.
But he didn’t know enough about computers and the internet to realise that this was possibly against the law.
Well, that’s simply marvellous isn’t it.
I agree that not everyone who commits a computer crime should have the book thrown at them, and that – especially when young – anyone can make some dumb decisions in life, but is there a danger that the wrong message is being sent out here?