Thursday 31 January 2013

Why Should We Care?


Why Should We Care?

Surely with so many regulatory requirements and penalties for the
abuse of computer systems, nobody would dare to compromise your
system and risk heavy fines and/or imprisonment? The fact of the
matter is that cybercrime is on the increase and a successful attack on a
business can have devastating effects.
For instance:
• What is the effect of the publication of the presence of child
pornography on the servers of a supermarket chain?
• How difficult is it to regain a loss of reputation when a Web-site is
'slightly altered'?
• Do we care if my customers cannot buy books for 48 hours and have
their credit card details disclosed?
• Who cares if everyone's last salary review appears on the Intranet?
• What could happen if an outsider could read all your emails or
impersonate the Finance Director?

UK Computer Misuse Act, 1990

1990 Chapter 18
Unauthorized access to computer material:
1.
(1) A person is guilty of an offense if-
(a) he causes a computer to perform any function with the intent
to secure access to any program or data held in any computer,
(b) the access he intends to secure is unauthorized, and
(c) he knows at the time when he causes the computer to
perform the function that that is the case.
(2) The intent a person has to have to commit an offense under this
section need not to be directed at

(a) any particular program or data,
(b) a program or data of any particular kind, or
(c) a program or data held in any particular computer.
(3) A person guilty of an offense under this section shall be liable on
summary conviction to imprisonment for a term not exceeding
six months or to a fine not exceeding level 5 on the standard
scale or to both.
2.
(1) A person is guilty of an offense under this section if he commits
an offense under section 1 above (" the unauthorized access
offense") with intent
(a) to commit an offense to which this section applies; or
(b) to facilitate the commission of such an offense ( whether by
himself or by any other person); and the offense he intends to
commit or facilitate is referred to below in this section as the
further offense.
(2) This section applies to offences
(a) for which the sentence is fixed by law; or
(b) for which a person of twenty-one years of age or over (not
previously convicted) may be sentenced to imprisonment for a
term of five years (or, in England and Wales, might be so
sentenced but for the restrictions imposed by section 33 of the
Magistrates Courts Act 1980).
(3) It is immaterial for the purposes of this section whether the
further offense is to be committed on the same occasion as the
unauthorized access offense or on any future occasion.
(4) A person may be guilty of an offense under this section even
though the facts are such that the commission of the further
offense is impossible.
(5) A person guilty of an offense under this section shall be liable

(a) on summary conviction, to imprisonment for a term not
exceeding the statutory maximum or to both; and
(b) on conviction on indictment, to imprisonment for a term not
exceeding five years or to a fine or to both.
3.
(1) A person is guilty of an offense if -
(a) he does any act which causes an unauthorized modification
of the contents of any computer; and -
(b) at the time when he does the act he has the requisite intent
and the requisite knowledge.
(2) For the purposes of subsection (1)(b) above the requisite intent is
an intent to cause a modification of the contents of any and by so
doing -
(a) to impair the operation of any computer;
(b) to prevent or hinder access to any program or data held in
any computer; or
(c) to impair the operation of any such program or the
reliability of any such data.
(3) The intent need not be directed at-
(a) any particular computer;
(b) any particular program or data or program or data of any
particular kind; or
(c) any particular modification or a modification of any
particular kind.
(4) For the purposes of subsection (1)(b) above the requisite
knowledge is knowledge that any modification he intends to
cause is unauthorized.
(5) It is immaterial for the purposes of this section whether an
unauthorized modification or any intended effect of it of a
kind mentioned in subsection (2) above is, or is intended to
be, permanent or merely temporary.

(6) For the purposes of the Criminal Damage Act 1971 a
modification of the contents of a computer shall not be
regarded as damaging any computer or computer storage
medium unless its effect on that computer or computer
storage medium impairs its physical condition.
(7) A person guilty of an offence under this section shall be
liable-
(a) on summary conviction, to imprisonment for a term not
exceeding six months or to a fine not exceeding the
statutory maximum or to both; and
(b) on conviction on indictment, to imprisonment for a term
not exceeding five years or to a fine or to both.



at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
  • Finding the Greatest Common Divisor
    Finding the Greatest Common Divisor The Euclidean algorithm is based on the following theorem: For any nonnegative integer a and any...
  • Traffic Confidentiality
    7.2. Traffic Confidentiality We mentioned in Chapter 1 that, in some cases, users are concerned about security from traffic analysis....