The year in security - a look back at 2005

By Matt Whipp

Posted on 22 Dec 2005 at 15:49

Some of these arrests were the result of lengthy international investigations, while others were simply sailing far too close to the wind. One such incident occurred in November when a 20-year-old man from Los Angeles was arrested for infecting computers with zombie code that was subsequently used to push adverts and send spam. One of those infected computers belonged to the Weapons Division of the US Naval Air Warfare Center in China Lake, California and the US Department of Defense. Now that's one way to get on the radar.

It's one thing to get an arrest; quite another to convict. And the particular problems bridging that gap for the UK were never made clearer than when a man walked free from court on Denial of Service charges as it was ruled that the provisions of the 15-yera-old Computer Misuse Act did not criminalise that activity.

A group of MPs came up with a 10-minute bill to update the CMA in March, but it ran out of parliamentary time, and the UK is left with this ageing legislature to cope with ever-more sophisticated computer crimes.

In addition to this, there lacks any formal mechanism to report viral infections. Should your computer become infected, you can't phone a police station and expect to get any satisfactory response. But when the authorities decide that a crime has actually occurred, they then have to go about assembling the evidence after the fact. Surely a topsy-turvy way of tackling the problem.

So for next year, we should be looking to have the legislative framework around cybercrime in the UK spun up to speed, because right now it's just not working.