Computer Misuse Act

3 June 2016 at 9:29am

Validating Password Dumps

Andrew Cormack
incident response
Computer Misuse Act
phishing
It's relatively common for incident response teams, in scanning the web for information about threats to their constituencies, to come across dumps of usernames and passwords. Even if the team can work out which service these refer to [*], it's seldom clear whether they are the result of current phishing campaigns, information left over from years ago, or even fake details published by intruders who want to inflate their claims.
Read more
15 January 2015 at 12:15pm

Cybercrime law: many variations!

Andrew Cormack
Computer Misuse Act
scanning
"Is scanning lawful?" sounds as if it ought to be a straightforward question with a simple answer. However investigating it turns out to be a good illustration of how tricky it is to apply real-world analogies to the Internet, and the very different results that different countries' legislators (and courts) can come up with when they try.
Read more
5 August 2013 at 11:24am

Directive on Attacks on Information Systems

Andrew Cormack
Botnets
Computer Misuse Act
Cybercrime
Regulation of Investigatory Powers Act
The EU has finally adopted a new Directive on attacks against information systems, first proposed in 2010. The Directive will require Member States, within two years, to ensure they meet its requirements on
Read more
17 October 2012 at 1:22pm

Analysing Malware lawfully

Andrew Cormack
Computer Misuse Act
incident response
malware
Malicious software, generally shortened to malware, is involved in a wide variety of security incidents, from botnets and phishing to industrial sabotage. Analysing what malware does and how it can be detected, neutralised and removed from infected computers is an important part of keeping networks and computers secure.
Read more

Computers and the Law

Andrew Cormack
Monday, July 16, 2012 - 12:07
Law
Computer Misuse Act
Regulation of Investigatory Powers Act
Data Protection Act
PB/INFO/005 Please note that this factsheet is written with no legal expertise and that no-one should take any action based solely on its content.  In particular, readers outside England and Wales may be subject to different legal systems.
Read more

2004 - All-Party Internet Group enquiry into the Computer Misuse Act 1990

Andrew Cormack
Thursday, June 28, 2012 - 13:16
Cybercrime
Computer Misuse Act
This is JANET(UK)’s response to the All Party Internet Group's enquiry into the Computer Misuse Act 1990.
Read more
6 June 2012 at 11:51am

EU considers “Hacking Tools” offences

Andrew Cormack
Computer Misuse Act
Cybercrime
The  European Commission seems to be revisiting ground covered by the UK’s 2006 amendment to the Computer Misuse Act, attempting to criminalise certain acts relating to devices/tools used for committing offences against information systems. The problem is that many computer programs – for example for identifying vulnerable computers, monitoring wireless networks or testing password strength – can be at least as valuable to those trying to secure networks and computers as to those trying to compromise them.
Read more
Subscribe to Computer Misuse Act