Computer hacking

Hacking has been in the news a great deal in the last couple of years, for example, the 2016 US Presidential Elections, the extradition case of Lauri Love and the hacking of user accounts of various large companies in order to steal personal information. At the other end of the spectrum we see cases of police officers unlawfully accessing police computers (often charged as misconduct in public office).

Hacking is on the rise – it is a logical rise; as the number of web connected devices grows, with ever increasing numbers of people in locations which have only recently gained internet access (large parts of Africa and Asia for example), and more computer science based education teaching computing skills, it follows that more people will learn to hack and some of them will be prepared to do so.

What is hacking?

Put simply hacking is unauthorised access. The law (Computer Misuse Act 1990) says that hacking is:

–    causing a computer to perform any function with intent to secure access to any program or data held in any computer when;

–    that access is unauthorised; and

–    the person knows at the time when he causes the computer to function that that is the case.

The wording of the law is interesting – written in 1990 before the vast majority of households had internet connections or even computers, yet the wording has proven to be future-proof. Well done to those who drafted it.

Why would someone hack a computer?

Some people like to test their abilities, to see if they can get through high-security measures. Others may want access to be able to commit further criminal offences, the information obtained could be used for fraud, blackmail or other similar offences.

It is not necessary for a person to intend to use any of the information gained. The simple offence is the intent to gain access to information or data to which you would not usually have access, although see below for other offences.

Are there other offences?

As well as the simple offence set out above (unauthorised access), there are further offences of unauthorised access with intent to commit or facilitate further offences; unauthorised acts with intent to impair the operation of the computer; and unauthorised acts causing or risking serious damage.

What are the penalties?

These offences can be dealt with at the Magistrates Court or the Crown Court depending on the seriousness. The maximum penalty at the Crown Court is two years imprisonment and/or a fine for the simple offence of unauthorised access.

Where the offence is committed with intent to commit further offences, the maximum sentence becomes five years, and if committed with intent to impair operation the maximum sentence is ten years.

By way of examples, a man who gained access to websites and deleted data to cause inconvenience as revenge for his dismissal was given nine months’ imprisonment.

A man accessed the Welsh Assembly computer system on twenty occasions over a period of a week, reading a number of restricted, sensitive emails, was given four months’ imprisonment.  In another case 2 years imprisonment was imposed for introducing a number of viruses to the internet, causing unknown damage.

In many cases the sentences are much more severe.

Share

Contact Us

Go to Top