By Andy McCue
Special to ZDNet Asia
November 13 2006
Denial of service attackers in the United Kingdom now face up to 10
years in jail with updated computer crime laws coming into force this
week as part of the new Police and Justice Act 2006.
The long-overdue updating of the 1990 Computer Misuse Act also increases
the sentence for hacking a computer from a maximum of six months to two
Section three of the 1990 CMA is replaced by section 34 of the Police
and Justice Act 2006, which now more explicitly covers denial of service
attacks as "unauthorized acts with intent to impair operation of a
The act says a person is guilty of an offence if at the time of any
attack they have the intent to impair the operation of any computer,
prevent or hinder access to any program or data held on a computer, or
impair the operation of a program or the reliability of data.
Confusion had arisen over whether denial of service attacks were covered
in the original CMA in the case of a teenager originally cleared in 2005
of crashing the email server of his former employer by overwhelming it
with an 'email bomb' containing millions of messages.
That ruling was later overturned and David Lennon was found guilty
earlier this year of breaking the CMA, and was sentenced to a two-month
The new law also makes it an offence to supply or make available any
software or tools that could be used to commit hacking or denial of
service attacks, and those found guilty under this section of the act
face up to two years in jail.
As part of the Police and Justice Act 2006 the police IT organization
Pito has been abolished and its functions will be taken over by the new
National Policing Improvement Agency.
New powers under the Act will give police the right to access passenger
and crew data on any journeys within the United Kingdom or arriving in
the United Kingdom.
Andy McCue of Silicon.com reported from London.
Subscribe to InfoSec News