Hacker prosecutions miss the point

Solicitor Ernest Aduwa examines in Fraud Intelligence the prevalence of cyber security flaws spanning across multiple industries.

Ernest’s article was published in Fraud Intelligence, 19 August 2015, and can be found here. Comments by Ernest regarding this have also been published in Factor Magazine, 12 August 2015. The full article can be read here.

When the Xbox and PlayStation gaming networks were knocked offline over Christmas in December 2014 the now infamous hacking group, Lizard Squad seemingly took responsibility for the attack. Recently, Julius Kivimaki, a Finnish teenager, was convicted of more than 50,000 computer hacks and given a two-year suspended prison sentence.

It’s easy to blame blackhat hackers for the rise in cybercrime. However, doing this is not going to solve any of the global problems faced in a world that is becoming more and more reliant on cyberspace.

Of course, Sony PlayStation and Xbox gamers were very upset and angry last December, but with each console retailing at several hundreds of pounds and Sony’s net profit more than tripling in second quarter of 2015, surely the public are entitled to a bit more protection.

The public are very much aware of the threat of cybercrime and deserve a new kite mark from businesses, governments and law enforcement agencies to be reassured that they are safe. It’s not too much to ask. How does Sony explain to consumers that with all their profits they aren’t able to stop a bunch of teenagers from shutting down their networks?

So-called “cybercriminals” are becoming untouchable. The re-emergence of the hacking forum “Darkode” weeks after law enforcement agencies bragged about taking it down is an illustration of this. More legislation is not the answer. Staffing an under-resourced police force is not the solution.

It would be a complete farce to arrest and prosecute the drivers of cars that crashed because of a manufacturing defect. In reality the cars are recalled. Toyota was fined $1.2 billion following a criminal investigation into whether it concealed safety defects from the public. This sent a clear message to the car industry: do not repeat Toyota’s mistake.

In the cyber world, rather than prosecuting talented young people, Sony, Microsoft, Ashley Madison and like companies should be explaining why their products and/or services were sold to the public if they were not safe and secure.

With that in mind, people shouldn’t be criticised for celebrating hacks that expose weaknesses in products or services that will affect the public. Hacktavist group, Anonymous, helped shed light on Microsoft’s new Windows 10, which, it says, features some disturbing privacy defaults.

With a celebration in mind, many are taking note that Lizard Squad’s anniversary is fast approaching.