Computer Misuse Act

3 June 2016 at 9:29am
It's relatively common for incident response teams, in scanning the web for information about threats to their constituencies, to come across dumps of usernames and passwords. Even if the team can work out which service these refer to [*], it's seldom clear whether they are the result of current phishing campaigns, information left over from years ago, or even fake details published by intruders who want to inflate their claims.
15 January 2015 at 12:15pm
"Is scanning lawful?" sounds as if it ought to be a straightforward question with a simple answer. However investigating it turns out to be a good illustration of how tricky it is to apply real-world analogies to the Internet, and the very different results that different countries' legislators (and courts) can come up with when they try.
5 August 2013 at 11:24am
The EU has finally adopted a new Directive on attacks against information systems, first proposed in 2010. The Directive will require Member States, within two years, to ensure they meet its requirements on
17 October 2012 at 1:22pm
Malicious software, generally shortened to malware, is involved in a wide variety of security incidents, from botnets and phishing to industrial sabotage. Analysing what malware does and how it can be detected, neutralised and removed from infected computers is an important part of keeping networks and computers secure.
PB/INFO/005 Please note that this factsheet is written with no legal expertise and that no-one should take any action based solely on its content.  In particular, readers outside England and Wales may be subject to different legal systems.
This is JANET(UK)’s response to the All Party Internet Group's enquiry into the Computer Misuse Act 1990.
6 June 2012 at 11:51am
The  European Commission seems to be revisiting ground covered by the UK’s 2006 amendment to the Computer Misuse Act, attempting to criminalise certain acts relating to devices/tools used for committing offences against information systems. The problem is that many computer programs – for example for identifying vulnerable computers, monitoring wireless networks or testing password strength – can be at least as valuable to those trying to secure networks and computers as to those trying to compromise them.
Subscribe to Computer Misuse Act