Feeds

Tsunami hacker convicted

Fine + costs for Daniel Cuthbert

Build a business case: developing custom apps

Daniel James Cuthbert was convicted today of breaking Section 1 of the Computer Misuse Act of 1990 by hacking into a tsunami appeal website last New Year's Eve.

District Judge Mr Quentin Purdy said: "For whatever reason Mr Cuthbert intended to secure access, in an unauthorised way, to that computer...it is with some considerable regret...I find the case proved against Mr Cuthbert." He was fined £400 for the offence and must pay a further £600 in costs.

Cuthbert, 28, of Whitechapel, London, told Horseferry Road Magistrates Court yesterday that he had made a donation on the site, but when he received no final thank-you or confirmation page he became concerned it may have been a phishing site, so he carried out two tests to check its security. This action set off an Intruder Detection System in a BT server room and the telco contacted the police.

The prosecution made an application for costs but declined to seize Cuthbert's Apple notebook on which the offences were committed. They made no further claim for compensation.

The defence asked for some sort of discharge because the case came close to "strict liability" - it was his responsibility but not his "fault". Mr Harding, for the defence, said: "His reasoning was not reprehensible. He was convicted because of the widely-drafted legislation that could catch so many."

Mr Purdy, speaking to Cuthbert in the dock, said: "I appreciate the consequences of this conviction for you are considerably graver than any I can impose. But you crossed an inappropriate line, time and expense was expended and anxiety caused. That aside, the price may be a heavy one for you to pay." Cuthbert lost his job as security consultant at ABN Amro as a result of his arrest and has only recently been able to find work.

DC Robert Burls of the Met's Computer Crime Unit said afterwards: "We welcome today's verdict in a case which fully tested the computer crime legislation and hope it sends a reassuring message to the general public that in this particular case the appropriate security measures were in place thus enabling donations to be made securely to the Tsunami Appeal via the DEC website."

Peter Sommer, who was an expert witness for the defence, said he thought the judge had a good understanding of the issues involved but "took a very strict view of the wording of the legislation." Sommer added that he thought the policing of minor offences should "not involve taking people to court but rather talking, warning and slapping wrists."

Asked if he thought the verdict would make it harder for the police to get help and cooperation from security professionals Sommer said: "It will certainly make them more wary."

Speaking after the verdict an upset Daniel Cuthbert told the Reg: "They've now set the bar so high that there should be thousands of convictions for people doing things like these. There will be lot of anger from security professionals and the police will find it harder to get help in future."

Cuthbert is considering a career outside the IT industry.

For the full text of Section 1 of the Act click here.

®

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?