Denial of Service Attacks: Ineffective U.K. legislative overkill, how the Americans ?do it' and the recurring issue of regulation
| Author | Callum Beamish |
| Pages | 1-24 |
S.S.L.R. Denial of Service Atta cks
1
Vol.2
Denial of Service Attacks: Ineffective U.K. legislative
overkill, how the Americans ‘do it’ and the recurring
issue of regulation
Callu m Beam ish
‘Arrest us. We dare you . We are the un stop pable h acking gen erat ion...’
LulzSec – 19th July 20 11
The rapid d evelopmen t of the In ternet in the past 20 years has caused t he
network to becom e an essen tial tool, en trenched in our everyday lives. It has
created a generat ion t hat cannot im agin e life without it. H owever , it has also
spawned a gr owing communit y of people who can, and do, abuse this
dependency.
One might n ame th ose individu als “hackers”. A Denial of Ser vice (DoS) attack,
or a Distributed Denial of Service (DDoS) attack, is the archetypal 21st centu ry
hacker’s tool of choice; th e ter m “hacker” her e u sed incredibly broadly. It is
clear that these t ypes of att ack cau se vast dam age in their implementation and
wake. Th e victim base is not solely restricted t o the tar get an d can exten d to an
infin ite am oun t of parties, wheth er this is through impaired use of the
Internet or having compromised com puters th at are part of a Botnet.
Mor eover, the effect s of th ese attacks can cau se var ious degrees of dam age,
includin g great fin ancial loss, reput ation decline and securit y brea ches.
The U.K.’s regulatory respon se is legislative and relies u pon enfor cement by
the Crown Prosecu tion Service of the Com puter Misuse Act 1990 (CMA) as
amended by the Police and J u stice Act 2006 (PJ A). The amoun t of people
prosecuted under the CMA sin ce its inception is minimal, an d th e amount
prosecuted for DoS or DDoS attacks is negligible. The issue here is more
apparent when you take int o accoun t th at, in 2004, over 4,000 at tacks were
estimated to being or ch estr ated per week, an est im ate rising to 10,0 0 0 a day
in 200 7, and there were suggestions in 2011 that cybercrime was costing U.K.
busin esses over £27 b illion p er an num .
This paper assert s that the legal provisions relating to DoS attacks an d
cyber cr im e are currently in efficien t, qu estion ing whether th ere is a better
regulatory model available. It breaks down the relevant U.K. legislat ion
highlight ing its strengths and weaknesses. It looks at wh ere the legislation has
come from , consider in g legal, political and social factors. The heavy-han ded
[2012] Sou tha mpton Stud ent Law Review
2
Vol. 2
legislature eviden ced in the PJ A is also discussed, con sidering if it h as, in
realit y, rectified any issues or sim ply mu ddied t he water.
There is comparison of the U.K. position wit h th at of the U.S., wher e
prosecution for onlin e cyber crim e is com mon place. Consider ation is given to
the Com put er Frau d and Abu se Act (18 USC 1030 ) and par ticular reason s why
this efficien cy exists in the U.S. are explored. This takes into account factors
outside th e legislative sphere, with the aim of possibly learn in g something
from th ose acr oss th e Atlan tic.
This paper contemplates possible solu tion s to the current down falls,
consid erin g the public private divide and regulation on an overarching scale,
eviden cing the developm ent of the In ternet int o a network tha t can an d should
be r egulated by government. There is focus upon r egulatory models outside of
comman d and con trol, considering their efficiency with in the cyber sph ere
and wheth er th ey are bett er suited to deal with recur ring issues. Th us, there is
also indicat ion as to how the issues can best b e resolved .
Introduction
hen the World Wide Web was cr eated and coupled with th e
Internet,1 by Tim Berners-Lee, Robert Cailiau and others at CERN in
1990,2 it was not expect ed to becom e such an entren ched tool in our
lives. However, its developm ent from a research based network to a military
pr oject was r apid ly expand ed in th e 1990 ’s with Berners-Lee’s work and it now
stands as a global network, wit h int ernetworldstats.com est im ating its user
base at 2,0 95,0 0 6,0 0 5, as of March 31st 2011,3 with 16.2% of those bein g
within the European Union.4
The Intern et provides today’s global society with an unfathomed amount of
(what are generally accepted as) positive op portun ities. For exam ple: a vast
and continuously expand in g kn owled ge bank that can be accessed across the
world; instantaneous com munication to anywh er e that has an In ternet
connection ; and a platform for in dividuals to con nect globally in a manner
never before poss ible.
However, it mu st be stressed that the Intern et is a tool and like any tool it can
also be ut ilised to provid e negative opportu nities; a kn ife is an implemen t that
can preser ve life, but it can also take it. Th is paper will be focusing u pon the
negative opportunity of com puter crime, which now stand s as the ‘fourth
biggest threat to global stability’.5 However, com puter crime is an overarching
1 Her eafter collect ively ter med “t he In tern et”.
2 Ja net Abb ate, I nven ting the I nter net (1st ed n, MIT Pr ess 20 00 ) 214
3 www.in tern etwor ldsta ts.com a ccessed 7 th
Decem ber 20 11
4 ibid ac cessed 7 t h Dec embe r 20 11
5 The D aily Mail, ‘Cyber a tta cks now fou rth biggest thre at to global st abilit y, says Wor ld
Econ omic Fo rum ’ (12th J anu ary 20 12) < htt p:/ / ww w.da ilyma il.co.u k/ ne ws/ ar ticle -
W
To continue reading
Request your trial